v1

package
v0.32.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 29, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	// Default case. Should never be this.
	AuditLogConfigLogTypeLogTypeUnspecified = AuditLogConfigLogType("LOG_TYPE_UNSPECIFIED")
	// Admin reads. Example: CloudIAM getIamPolicy
	AuditLogConfigLogTypeAdminRead = AuditLogConfigLogType("ADMIN_READ")
	// Data writes. Example: CloudSQL Users create
	AuditLogConfigLogTypeDataWrite = AuditLogConfigLogType("DATA_WRITE")
	// Data reads. Example: CloudSQL Users list
	AuditLogConfigLogTypeDataRead = AuditLogConfigLogType("DATA_READ")
)
View Source 
const (
	// Not specified.
	CaPoolTierTierUnspecified = CaPoolTier("TIER_UNSPECIFIED")
	// Enterprise tier.
	CaPoolTierEnterprise = CaPoolTier("ENTERPRISE")
	// DevOps tier.
	CaPoolTierDevops = CaPoolTier("DEVOPS")
)
View Source 
const (
	// Not specified.
	CertificateAuthorityTypeTypeUnspecified = CertificateAuthorityType("TYPE_UNSPECIFIED")
	// Self-signed CA.
	CertificateAuthorityTypeSelfSigned = CertificateAuthorityType("SELF_SIGNED")
	// Subordinate CA. Could be issued by a Private CA CertificateAuthority or an unmanaged CA.
	CertificateAuthorityTypeSubordinate = CertificateAuthorityType("SUBORDINATE")
)
View Source 
const (
	// Not specified.
	CertificateExtensionConstraintsKnownExtensionsItemKnownCertificateExtensionUnspecified = CertificateExtensionConstraintsKnownExtensionsItem("KNOWN_CERTIFICATE_EXTENSION_UNSPECIFIED")
	// Refers to a certificate's Key Usage extension, as described in [RFC 5280 section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3). This corresponds to the KeyUsage.base_key_usage field.
	CertificateExtensionConstraintsKnownExtensionsItemBaseKeyUsage = CertificateExtensionConstraintsKnownExtensionsItem("BASE_KEY_USAGE")
	// Refers to a certificate's Extended Key Usage extension, as described in [RFC 5280 section 4.2.1.12](https://tools.ietf.org/html/rfc5280#section-4.2.1.12). This corresponds to the KeyUsage.extended_key_usage message.
	CertificateExtensionConstraintsKnownExtensionsItemExtendedKeyUsage = CertificateExtensionConstraintsKnownExtensionsItem("EXTENDED_KEY_USAGE")
	// Refers to a certificate's Basic Constraints extension, as described in [RFC 5280 section 4.2.1.9](https://tools.ietf.org/html/rfc5280#section-4.2.1.9). This corresponds to the X509Parameters.ca_options field.
	CertificateExtensionConstraintsKnownExtensionsItemCaOptions = CertificateExtensionConstraintsKnownExtensionsItem("CA_OPTIONS")
	// Refers to a certificate's Policy object identifiers, as described in [RFC 5280 section 4.2.1.4](https://tools.ietf.org/html/rfc5280#section-4.2.1.4). This corresponds to the X509Parameters.policy_ids field.
	CertificateExtensionConstraintsKnownExtensionsItemPolicyIds = CertificateExtensionConstraintsKnownExtensionsItem("POLICY_IDS")
	// Refers to OCSP servers in a certificate's Authority Information Access extension, as described in [RFC 5280 section 4.2.2.1](https://tools.ietf.org/html/rfc5280#section-4.2.2.1), This corresponds to the X509Parameters.aia_ocsp_servers field.
	CertificateExtensionConstraintsKnownExtensionsItemAiaOcspServers = CertificateExtensionConstraintsKnownExtensionsItem("AIA_OCSP_SERVERS")
	// Refers to Name Constraints extension as described in [RFC 5280 section 4.2.1.10](https://tools.ietf.org/html/rfc5280#section-4.2.1.10)
	CertificateExtensionConstraintsKnownExtensionsItemNameConstraints = CertificateExtensionConstraintsKnownExtensionsItem("NAME_CONSTRAINTS")
)
View Source 
const (
	// Not specified.
	CertificateSubjectModeSubjectRequestModeUnspecified = CertificateSubjectMode("SUBJECT_REQUEST_MODE_UNSPECIFIED")
	// The default mode used in most cases. Indicates that the certificate's Subject and/or SubjectAltNames are specified in the certificate request. This mode requires the caller to have the `privateca.certificates.create` permission.
	CertificateSubjectModeDefault = CertificateSubjectMode("DEFAULT")
	// A mode reserved for special cases. Indicates that the certificate should have one SPIFFE SubjectAltNames set by the service based on the caller's identity. This mode will ignore any explicitly specified Subject and/or SubjectAltNames in the certificate request. This mode requires the caller to have the `privateca.certificates.createForSelf` permission.
	CertificateSubjectModeReflectedSpiffe = CertificateSubjectMode("REFLECTED_SPIFFE")
)
View Source 
const (
	// Not specified. Signifies that any signature algorithm may be used.
	EcKeyTypeSignatureAlgorithmEcSignatureAlgorithmUnspecified = EcKeyTypeSignatureAlgorithm("EC_SIGNATURE_ALGORITHM_UNSPECIFIED")
	// Refers to the Elliptic Curve Digital Signature Algorithm over the NIST P-256 curve.
	EcKeyTypeSignatureAlgorithmEcdsaP256 = EcKeyTypeSignatureAlgorithm("ECDSA_P256")
	// Refers to the Elliptic Curve Digital Signature Algorithm over the NIST P-384 curve.
	EcKeyTypeSignatureAlgorithmEcdsaP384 = EcKeyTypeSignatureAlgorithm("ECDSA_P384")
	// Refers to the Edwards-curve Digital Signature Algorithm over curve 25519, as described in RFC 8410.
	EcKeyTypeSignatureAlgorithmEddsa25519 = EcKeyTypeSignatureAlgorithm("EDDSA_25519")
)
View Source 
const (
	// Not specified.
	KeyVersionSpecAlgorithmSignHashAlgorithmUnspecified = KeyVersionSpecAlgorithm("SIGN_HASH_ALGORITHM_UNSPECIFIED")
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_2048_SHA256
	KeyVersionSpecAlgorithmRsaPss2048Sha256 = KeyVersionSpecAlgorithm("RSA_PSS_2048_SHA256")
	// maps to CryptoKeyVersionAlgorithm. RSA_SIGN_PSS_3072_SHA256
	KeyVersionSpecAlgorithmRsaPss3072Sha256 = KeyVersionSpecAlgorithm("RSA_PSS_3072_SHA256")
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PSS_4096_SHA256
	KeyVersionSpecAlgorithmRsaPss4096Sha256 = KeyVersionSpecAlgorithm("RSA_PSS_4096_SHA256")
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
	KeyVersionSpecAlgorithmRsaPkcs12048Sha256 = KeyVersionSpecAlgorithm("RSA_PKCS1_2048_SHA256")
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_3072_SHA256
	KeyVersionSpecAlgorithmRsaPkcs13072Sha256 = KeyVersionSpecAlgorithm("RSA_PKCS1_3072_SHA256")
	// maps to CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_4096_SHA256
	KeyVersionSpecAlgorithmRsaPkcs14096Sha256 = KeyVersionSpecAlgorithm("RSA_PKCS1_4096_SHA256")
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P256_SHA256
	KeyVersionSpecAlgorithmEcP256Sha256 = KeyVersionSpecAlgorithm("EC_P256_SHA256")
	// maps to CryptoKeyVersionAlgorithm.EC_SIGN_P384_SHA384
	KeyVersionSpecAlgorithmEcP384Sha384 = KeyVersionSpecAlgorithm("EC_P384_SHA384")
)
View Source 
const (
	// Default unspecified value.
	PublicKeyFormatKeyFormatUnspecified = PublicKeyFormat("KEY_FORMAT_UNSPECIFIED")
	// The key is PEM-encoded as defined in [RFC 7468](https://tools.ietf.org/html/rfc7468). It can be any of the following: a PEM-encoded PKCS#1/RFC 3447 RSAPublicKey structure, an RFC 5280 [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) or a PEM-encoded X.509 certificate signing request (CSR). If a [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) is specified, it can contain a A PEM-encoded PKCS#1/RFC 3447 RSAPublicKey or a NIST P-256/secp256r1/prime256v1 or P-384 key. If a CSR is specified, it will used solely for the purpose of extracting the public key. When generated by the service, it will always be an RFC 5280 [SubjectPublicKeyInfo](https://tools.ietf.org/html/rfc5280#section-4.1) structure containing an algorithm identifier and a key.
	PublicKeyFormatPem = PublicKeyFormat("PEM")
)
View Source 
const (
	// Not specified. By default, PEM format will be used.
	PublishingOptionsEncodingFormatEncodingFormatUnspecified = PublishingOptionsEncodingFormat("ENCODING_FORMAT_UNSPECIFIED")
	// The CertificateAuthority's CA certificate and CRLs will be published in PEM format.
	PublishingOptionsEncodingFormatPem = PublishingOptionsEncodingFormat("PEM")
	// The CertificateAuthority's CA certificate and CRLs will be published in DER format.
	PublishingOptionsEncodingFormatDer = PublishingOptionsEncodingFormat("DER")
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessUrlsResponse 

type AccessUrlsResponse struct {
	// The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.
	CaCertificateAccessUrl string `pulumi:"caCertificateAccessUrl"`
	// The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.
	CrlAccessUrls []string `pulumi:"crlAccessUrls"`
}

URLs where a CertificateAuthority will publish content.

type AccessUrlsResponseOutput 

type AccessUrlsResponseOutput struct{ *pulumi.OutputState }

URLs where a CertificateAuthority will publish content.

func (AccessUrlsResponseOutput) CaCertificateAccessUrl 

func (o AccessUrlsResponseOutput) CaCertificateAccessUrl() pulumi.StringOutput

The URL where this CertificateAuthority's CA certificate is published. This will only be set for CAs that have been activated.

func (AccessUrlsResponseOutput) CrlAccessUrls 

func (o AccessUrlsResponseOutput) CrlAccessUrls() pulumi.StringArrayOutput

The URLs where this CertificateAuthority's CRLs are published. This will only be set for CAs that have been activated.

func (AccessUrlsResponseOutput) ElementType 

func (AccessUrlsResponseOutput) ElementType() reflect.Type

func (AccessUrlsResponseOutput) ToAccessUrlsResponseOutput 

func (o AccessUrlsResponseOutput) ToAccessUrlsResponseOutput() AccessUrlsResponseOutput

func (AccessUrlsResponseOutput) ToAccessUrlsResponseOutputWithContext 

func (o AccessUrlsResponseOutput) ToAccessUrlsResponseOutputWithContext(ctx context.Context) AccessUrlsResponseOutput

type AllowedKeyType 

type AllowedKeyType struct {
	// Represents an allowed Elliptic Curve key type.
	EllipticCurve *EcKeyType `pulumi:"ellipticCurve"`
	// Represents an allowed RSA key type.
	Rsa *RsaKeyType `pulumi:"rsa"`
}

Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

type AllowedKeyTypeArgs 

type AllowedKeyTypeArgs struct {
	// Represents an allowed Elliptic Curve key type.
	EllipticCurve EcKeyTypePtrInput `pulumi:"ellipticCurve"`
	// Represents an allowed RSA key type.
	Rsa RsaKeyTypePtrInput `pulumi:"rsa"`
}

Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

func (AllowedKeyTypeArgs) ElementType 

func (AllowedKeyTypeArgs) ElementType() reflect.Type

func (AllowedKeyTypeArgs) ToAllowedKeyTypeOutput 

func (i AllowedKeyTypeArgs) ToAllowedKeyTypeOutput() AllowedKeyTypeOutput

func (AllowedKeyTypeArgs) ToAllowedKeyTypeOutputWithContext 

func (i AllowedKeyTypeArgs) ToAllowedKeyTypeOutputWithContext(ctx context.Context) AllowedKeyTypeOutput

type AllowedKeyTypeArray 

type AllowedKeyTypeArray []AllowedKeyTypeInput

func (AllowedKeyTypeArray) ElementType 

func (AllowedKeyTypeArray) ElementType() reflect.Type

func (AllowedKeyTypeArray) ToAllowedKeyTypeArrayOutput 

func (i AllowedKeyTypeArray) ToAllowedKeyTypeArrayOutput() AllowedKeyTypeArrayOutput

func (AllowedKeyTypeArray) ToAllowedKeyTypeArrayOutputWithContext 

func (i AllowedKeyTypeArray) ToAllowedKeyTypeArrayOutputWithContext(ctx context.Context) AllowedKeyTypeArrayOutput

type AllowedKeyTypeArrayInput 

type AllowedKeyTypeArrayInput interface {
	pulumi.Input

	ToAllowedKeyTypeArrayOutput() AllowedKeyTypeArrayOutput
	ToAllowedKeyTypeArrayOutputWithContext(context.Context) AllowedKeyTypeArrayOutput
}

AllowedKeyTypeArrayInput is an input type that accepts AllowedKeyTypeArray and AllowedKeyTypeArrayOutput values. You can construct a concrete instance of `AllowedKeyTypeArrayInput` via: 

AllowedKeyTypeArray{ AllowedKeyTypeArgs{...} }

type AllowedKeyTypeArrayOutput 

type AllowedKeyTypeArrayOutput struct{ *pulumi.OutputState }

func (AllowedKeyTypeArrayOutput) ElementType 

func (AllowedKeyTypeArrayOutput) ElementType() reflect.Type

func (AllowedKeyTypeArrayOutput) Index 

func (o AllowedKeyTypeArrayOutput) Index(i pulumi.IntInput) AllowedKeyTypeOutput

func (AllowedKeyTypeArrayOutput) ToAllowedKeyTypeArrayOutput 

func (o AllowedKeyTypeArrayOutput) ToAllowedKeyTypeArrayOutput() AllowedKeyTypeArrayOutput

func (AllowedKeyTypeArrayOutput) ToAllowedKeyTypeArrayOutputWithContext 

func (o AllowedKeyTypeArrayOutput) ToAllowedKeyTypeArrayOutputWithContext(ctx context.Context) AllowedKeyTypeArrayOutput

type AllowedKeyTypeInput 

type AllowedKeyTypeInput interface {
	pulumi.Input

	ToAllowedKeyTypeOutput() AllowedKeyTypeOutput
	ToAllowedKeyTypeOutputWithContext(context.Context) AllowedKeyTypeOutput
}

AllowedKeyTypeInput is an input type that accepts AllowedKeyTypeArgs and AllowedKeyTypeOutput values. You can construct a concrete instance of `AllowedKeyTypeInput` via: 

AllowedKeyTypeArgs{...}

type AllowedKeyTypeOutput 

type AllowedKeyTypeOutput struct{ *pulumi.OutputState }

Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

func (AllowedKeyTypeOutput) ElementType 

func (AllowedKeyTypeOutput) ElementType() reflect.Type

func (AllowedKeyTypeOutput) EllipticCurve 

func (o AllowedKeyTypeOutput) EllipticCurve() EcKeyTypePtrOutput

Represents an allowed Elliptic Curve key type.

func (AllowedKeyTypeOutput) Rsa 

func (o AllowedKeyTypeOutput) Rsa() RsaKeyTypePtrOutput

Represents an allowed RSA key type.

func (AllowedKeyTypeOutput) ToAllowedKeyTypeOutput 

func (o AllowedKeyTypeOutput) ToAllowedKeyTypeOutput() AllowedKeyTypeOutput

func (AllowedKeyTypeOutput) ToAllowedKeyTypeOutputWithContext 

func (o AllowedKeyTypeOutput) ToAllowedKeyTypeOutputWithContext(ctx context.Context) AllowedKeyTypeOutput

type AllowedKeyTypeResponse 

type AllowedKeyTypeResponse struct {
	// Represents an allowed Elliptic Curve key type.
	EllipticCurve EcKeyTypeResponse `pulumi:"ellipticCurve"`
	// Represents an allowed RSA key type.
	Rsa RsaKeyTypeResponse `pulumi:"rsa"`
}

Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

type AllowedKeyTypeResponseArrayOutput 

type AllowedKeyTypeResponseArrayOutput struct{ *pulumi.OutputState }

func (AllowedKeyTypeResponseArrayOutput) ElementType 

func (AllowedKeyTypeResponseArrayOutput) ElementType() reflect.Type

func (AllowedKeyTypeResponseArrayOutput) Index 

func (o AllowedKeyTypeResponseArrayOutput) Index(i pulumi.IntInput) AllowedKeyTypeResponseOutput

func (AllowedKeyTypeResponseArrayOutput) ToAllowedKeyTypeResponseArrayOutput 

func (o AllowedKeyTypeResponseArrayOutput) ToAllowedKeyTypeResponseArrayOutput() AllowedKeyTypeResponseArrayOutput

func (AllowedKeyTypeResponseArrayOutput) ToAllowedKeyTypeResponseArrayOutputWithContext 

func (o AllowedKeyTypeResponseArrayOutput) ToAllowedKeyTypeResponseArrayOutputWithContext(ctx context.Context) AllowedKeyTypeResponseArrayOutput

type AllowedKeyTypeResponseOutput 

type AllowedKeyTypeResponseOutput struct{ *pulumi.OutputState }

Describes a "type" of key that may be used in a Certificate issued from a CaPool. Note that a single AllowedKeyType may refer to either a fully-qualified key algorithm, such as RSA 4096, or a family of key algorithms, such as any RSA key.

func (AllowedKeyTypeResponseOutput) ElementType 

func (AllowedKeyTypeResponseOutput) ElementType() reflect.Type

func (AllowedKeyTypeResponseOutput) EllipticCurve 

func (o AllowedKeyTypeResponseOutput) EllipticCurve() EcKeyTypeResponseOutput

Represents an allowed Elliptic Curve key type.

func (AllowedKeyTypeResponseOutput) Rsa 

func (o AllowedKeyTypeResponseOutput) Rsa() RsaKeyTypeResponseOutput

Represents an allowed RSA key type.

func (AllowedKeyTypeResponseOutput) ToAllowedKeyTypeResponseOutput 

func (o AllowedKeyTypeResponseOutput) ToAllowedKeyTypeResponseOutput() AllowedKeyTypeResponseOutput

func (AllowedKeyTypeResponseOutput) ToAllowedKeyTypeResponseOutputWithContext 

func (o AllowedKeyTypeResponseOutput) ToAllowedKeyTypeResponseOutputWithContext(ctx context.Context) AllowedKeyTypeResponseOutput

type AuditConfig 

type AuditConfig struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfig `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service *string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

type AuditConfigArgs 

type AuditConfigArgs struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs AuditLogConfigArrayInput `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service pulumi.StringPtrInput `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (AuditConfigArgs) ElementType 

func (AuditConfigArgs) ElementType() reflect.Type

func (AuditConfigArgs) ToAuditConfigOutput 

func (i AuditConfigArgs) ToAuditConfigOutput() AuditConfigOutput

func (AuditConfigArgs) ToAuditConfigOutputWithContext 

func (i AuditConfigArgs) ToAuditConfigOutputWithContext(ctx context.Context) AuditConfigOutput

type AuditConfigArray 

type AuditConfigArray []AuditConfigInput

func (AuditConfigArray) ElementType 

func (AuditConfigArray) ElementType() reflect.Type

func (AuditConfigArray) ToAuditConfigArrayOutput 

func (i AuditConfigArray) ToAuditConfigArrayOutput() AuditConfigArrayOutput

func (AuditConfigArray) ToAuditConfigArrayOutputWithContext 

func (i AuditConfigArray) ToAuditConfigArrayOutputWithContext(ctx context.Context) AuditConfigArrayOutput

type AuditConfigArrayInput 

type AuditConfigArrayInput interface {
	pulumi.Input

	ToAuditConfigArrayOutput() AuditConfigArrayOutput
	ToAuditConfigArrayOutputWithContext(context.Context) AuditConfigArrayOutput
}

AuditConfigArrayInput is an input type that accepts AuditConfigArray and AuditConfigArrayOutput values. You can construct a concrete instance of `AuditConfigArrayInput` via: 

AuditConfigArray{ AuditConfigArgs{...} }

type AuditConfigArrayOutput 

type AuditConfigArrayOutput struct{ *pulumi.OutputState }

func (AuditConfigArrayOutput) ElementType 

func (AuditConfigArrayOutput) ElementType() reflect.Type

func (AuditConfigArrayOutput) Index 

func (o AuditConfigArrayOutput) Index(i pulumi.IntInput) AuditConfigOutput

func (AuditConfigArrayOutput) ToAuditConfigArrayOutput 

func (o AuditConfigArrayOutput) ToAuditConfigArrayOutput() AuditConfigArrayOutput

func (AuditConfigArrayOutput) ToAuditConfigArrayOutputWithContext 

func (o AuditConfigArrayOutput) ToAuditConfigArrayOutputWithContext(ctx context.Context) AuditConfigArrayOutput

type AuditConfigInput 

type AuditConfigInput interface {
	pulumi.Input

	ToAuditConfigOutput() AuditConfigOutput
	ToAuditConfigOutputWithContext(context.Context) AuditConfigOutput
}

AuditConfigInput is an input type that accepts AuditConfigArgs and AuditConfigOutput values. You can construct a concrete instance of `AuditConfigInput` via: 

AuditConfigArgs{...}

type AuditConfigOutput 

type AuditConfigOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (AuditConfigOutput) AuditLogConfigs 

func (o AuditConfigOutput) AuditLogConfigs() AuditLogConfigArrayOutput

The configuration for logging of each type of permission.

func (AuditConfigOutput) ElementType 

func (AuditConfigOutput) ElementType() reflect.Type

func (AuditConfigOutput) Service 

func (o AuditConfigOutput) Service() pulumi.StringPtrOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (AuditConfigOutput) ToAuditConfigOutput 

func (o AuditConfigOutput) ToAuditConfigOutput() AuditConfigOutput

func (AuditConfigOutput) ToAuditConfigOutputWithContext 

func (o AuditConfigOutput) ToAuditConfigOutputWithContext(ctx context.Context) AuditConfigOutput

type AuditConfigResponse 

type AuditConfigResponse struct {
	// The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfigResponse `pulumi:"auditLogConfigs"`
	// Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.
	Service string `pulumi:"service"`
}

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

type AuditConfigResponseArrayOutput 

type AuditConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (AuditConfigResponseArrayOutput) ElementType 

func (AuditConfigResponseArrayOutput) ElementType() reflect.Type

func (AuditConfigResponseArrayOutput) Index 

func (o AuditConfigResponseArrayOutput) Index(i pulumi.IntInput) AuditConfigResponseOutput

func (AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutput 

func (o AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutput() AuditConfigResponseArrayOutput

func (AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutputWithContext 

func (o AuditConfigResponseArrayOutput) ToAuditConfigResponseArrayOutputWithContext(ctx context.Context) AuditConfigResponseArrayOutput

type AuditConfigResponseOutput 

type AuditConfigResponseOutput struct{ *pulumi.OutputState }

Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:aliya@example.com" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.

func (AuditConfigResponseOutput) AuditLogConfigs 

func (o AuditConfigResponseOutput) AuditLogConfigs() AuditLogConfigResponseArrayOutput

The configuration for logging of each type of permission.

func (AuditConfigResponseOutput) ElementType 

func (AuditConfigResponseOutput) ElementType() reflect.Type

func (AuditConfigResponseOutput) Service 

func (o AuditConfigResponseOutput) Service() pulumi.StringOutput

Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.

func (AuditConfigResponseOutput) ToAuditConfigResponseOutput 

func (o AuditConfigResponseOutput) ToAuditConfigResponseOutput() AuditConfigResponseOutput

func (AuditConfigResponseOutput) ToAuditConfigResponseOutputWithContext 

func (o AuditConfigResponseOutput) ToAuditConfigResponseOutputWithContext(ctx context.Context) AuditConfigResponseOutput

type AuditLogConfig 

type AuditLogConfig struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType *AuditLogConfigLogType `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type AuditLogConfigArgs 

type AuditLogConfigArgs struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers pulumi.StringArrayInput `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType AuditLogConfigLogTypePtrInput `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigArgs) ElementType 

func (AuditLogConfigArgs) ElementType() reflect.Type

func (AuditLogConfigArgs) ToAuditLogConfigOutput 

func (i AuditLogConfigArgs) ToAuditLogConfigOutput() AuditLogConfigOutput

func (AuditLogConfigArgs) ToAuditLogConfigOutputWithContext 

func (i AuditLogConfigArgs) ToAuditLogConfigOutputWithContext(ctx context.Context) AuditLogConfigOutput

type AuditLogConfigArray 

type AuditLogConfigArray []AuditLogConfigInput

func (AuditLogConfigArray) ElementType 

func (AuditLogConfigArray) ElementType() reflect.Type

func (AuditLogConfigArray) ToAuditLogConfigArrayOutput 

func (i AuditLogConfigArray) ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput

func (AuditLogConfigArray) ToAuditLogConfigArrayOutputWithContext 

func (i AuditLogConfigArray) ToAuditLogConfigArrayOutputWithContext(ctx context.Context) AuditLogConfigArrayOutput

type AuditLogConfigArrayInput 

type AuditLogConfigArrayInput interface {
	pulumi.Input

	ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput
	ToAuditLogConfigArrayOutputWithContext(context.Context) AuditLogConfigArrayOutput
}

AuditLogConfigArrayInput is an input type that accepts AuditLogConfigArray and AuditLogConfigArrayOutput values. You can construct a concrete instance of `AuditLogConfigArrayInput` via: 

AuditLogConfigArray{ AuditLogConfigArgs{...} }

type AuditLogConfigArrayOutput 

type AuditLogConfigArrayOutput struct{ *pulumi.OutputState }

func (AuditLogConfigArrayOutput) ElementType 

func (AuditLogConfigArrayOutput) ElementType() reflect.Type

func (AuditLogConfigArrayOutput) Index 

func (o AuditLogConfigArrayOutput) Index(i pulumi.IntInput) AuditLogConfigOutput

func (AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutput 

func (o AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutput() AuditLogConfigArrayOutput

func (AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutputWithContext 

func (o AuditLogConfigArrayOutput) ToAuditLogConfigArrayOutputWithContext(ctx context.Context) AuditLogConfigArrayOutput

type AuditLogConfigInput 

type AuditLogConfigInput interface {
	pulumi.Input

	ToAuditLogConfigOutput() AuditLogConfigOutput
	ToAuditLogConfigOutputWithContext(context.Context) AuditLogConfigOutput
}

AuditLogConfigInput is an input type that accepts AuditLogConfigArgs and AuditLogConfigOutput values. You can construct a concrete instance of `AuditLogConfigInput` via: 

AuditLogConfigArgs{...}

type AuditLogConfigLogType 

type AuditLogConfigLogType string

The log type that this config enables.

func (AuditLogConfigLogType) ElementType 

func (AuditLogConfigLogType) ElementType() reflect.Type

func (AuditLogConfigLogType) ToAuditLogConfigLogTypeOutput added in v0.6.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypeOutputWithContext added in v0.6.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypeOutputWithContext(ctx context.Context) AuditLogConfigLogTypeOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutput added in v0.6.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutputWithContext added in v0.6.0 

func (e AuditLogConfigLogType) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogType) ToStringOutput 

func (e AuditLogConfigLogType) ToStringOutput() pulumi.StringOutput

func (AuditLogConfigLogType) ToStringOutputWithContext 

func (e AuditLogConfigLogType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuditLogConfigLogType) ToStringPtrOutput 

func (e AuditLogConfigLogType) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogType) ToStringPtrOutputWithContext 

func (e AuditLogConfigLogType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigLogTypeInput added in v0.6.0 

type AuditLogConfigLogTypeInput interface {
	pulumi.Input

	ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput
	ToAuditLogConfigLogTypeOutputWithContext(context.Context) AuditLogConfigLogTypeOutput
}

AuditLogConfigLogTypeInput is an input type that accepts AuditLogConfigLogTypeArgs and AuditLogConfigLogTypeOutput values. You can construct a concrete instance of `AuditLogConfigLogTypeInput` via: 

AuditLogConfigLogTypeArgs{...}

type AuditLogConfigLogTypeOutput added in v0.6.0 

type AuditLogConfigLogTypeOutput struct{ *pulumi.OutputState }

func (AuditLogConfigLogTypeOutput) ElementType added in v0.6.0 

func (AuditLogConfigLogTypeOutput) ElementType() reflect.Type

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutput added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutput() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutputWithContext added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypeOutputWithContext(ctx context.Context) AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutput added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutputWithContext added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypeOutput) ToStringOutput added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToStringOutput() pulumi.StringOutput

func (AuditLogConfigLogTypeOutput) ToStringOutputWithContext added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (AuditLogConfigLogTypeOutput) ToStringPtrOutput added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o AuditLogConfigLogTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigLogTypePtrInput added in v0.6.0 

type AuditLogConfigLogTypePtrInput interface {
	pulumi.Input

	ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput
	ToAuditLogConfigLogTypePtrOutputWithContext(context.Context) AuditLogConfigLogTypePtrOutput
}

func AuditLogConfigLogTypePtr added in v0.6.0 

func AuditLogConfigLogTypePtr(v string) AuditLogConfigLogTypePtrInput

type AuditLogConfigLogTypePtrOutput added in v0.6.0 

type AuditLogConfigLogTypePtrOutput struct{ *pulumi.OutputState }

func (AuditLogConfigLogTypePtrOutput) Elem added in v0.6.0 

func (o AuditLogConfigLogTypePtrOutput) Elem() AuditLogConfigLogTypeOutput

func (AuditLogConfigLogTypePtrOutput) ElementType added in v0.6.0 

func (AuditLogConfigLogTypePtrOutput) ElementType() reflect.Type

func (AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutput added in v0.6.0 

func (o AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutput() AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutputWithContext added in v0.6.0 

func (o AuditLogConfigLogTypePtrOutput) ToAuditLogConfigLogTypePtrOutputWithContext(ctx context.Context) AuditLogConfigLogTypePtrOutput

func (AuditLogConfigLogTypePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o AuditLogConfigLogTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o AuditLogConfigLogTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type AuditLogConfigOutput 

type AuditLogConfigOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigOutput) ElementType 

func (AuditLogConfigOutput) ElementType() reflect.Type

func (AuditLogConfigOutput) ExemptedMembers 

func (o AuditLogConfigOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (AuditLogConfigOutput) LogType 

func (o AuditLogConfigOutput) LogType() AuditLogConfigLogTypePtrOutput

The log type that this config enables.

func (AuditLogConfigOutput) ToAuditLogConfigOutput 

func (o AuditLogConfigOutput) ToAuditLogConfigOutput() AuditLogConfigOutput

func (AuditLogConfigOutput) ToAuditLogConfigOutputWithContext 

func (o AuditLogConfigOutput) ToAuditLogConfigOutputWithContext(ctx context.Context) AuditLogConfigOutput

type AuditLogConfigResponse 

type AuditLogConfigResponse struct {
	// Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.
	ExemptedMembers []string `pulumi:"exemptedMembers"`
	// The log type that this config enables.
	LogType string `pulumi:"logType"`
}

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

type AuditLogConfigResponseArrayOutput 

type AuditLogConfigResponseArrayOutput struct{ *pulumi.OutputState }

func (AuditLogConfigResponseArrayOutput) ElementType 

func (AuditLogConfigResponseArrayOutput) ElementType() reflect.Type

func (AuditLogConfigResponseArrayOutput) Index 

func (o AuditLogConfigResponseArrayOutput) Index(i pulumi.IntInput) AuditLogConfigResponseOutput

func (AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutput 

func (o AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutput() AuditLogConfigResponseArrayOutput

func (AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutputWithContext 

func (o AuditLogConfigResponseArrayOutput) ToAuditLogConfigResponseArrayOutputWithContext(ctx context.Context) AuditLogConfigResponseArrayOutput

type AuditLogConfigResponseOutput 

type AuditLogConfigResponseOutput struct{ *pulumi.OutputState }

Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:jose@example.com" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.

func (AuditLogConfigResponseOutput) ElementType 

func (AuditLogConfigResponseOutput) ElementType() reflect.Type

func (AuditLogConfigResponseOutput) ExemptedMembers 

func (o AuditLogConfigResponseOutput) ExemptedMembers() pulumi.StringArrayOutput

Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.

func (AuditLogConfigResponseOutput) LogType 

func (o AuditLogConfigResponseOutput) LogType() pulumi.StringOutput

The log type that this config enables.

func (AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutput 

func (o AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutput() AuditLogConfigResponseOutput

func (AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutputWithContext 

func (o AuditLogConfigResponseOutput) ToAuditLogConfigResponseOutputWithContext(ctx context.Context) AuditLogConfigResponseOutput

type Binding 

type Binding struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition *Expr `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role *string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type BindingArgs 

type BindingArgs struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprPtrInput `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayInput `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringPtrInput `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

func (BindingArgs) ElementType 

func (BindingArgs) ElementType() reflect.Type

func (BindingArgs) ToBindingOutput 

func (i BindingArgs) ToBindingOutput() BindingOutput

func (BindingArgs) ToBindingOutputWithContext 

func (i BindingArgs) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingArray 

type BindingArray []BindingInput

func (BindingArray) ElementType 

func (BindingArray) ElementType() reflect.Type

func (BindingArray) ToBindingArrayOutput 

func (i BindingArray) ToBindingArrayOutput() BindingArrayOutput

func (BindingArray) ToBindingArrayOutputWithContext 

func (i BindingArray) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingArrayInput 

type BindingArrayInput interface {
	pulumi.Input

	ToBindingArrayOutput() BindingArrayOutput
	ToBindingArrayOutputWithContext(context.Context) BindingArrayOutput
}

BindingArrayInput is an input type that accepts BindingArray and BindingArrayOutput values. You can construct a concrete instance of `BindingArrayInput` via: 

BindingArray{ BindingArgs{...} }

type BindingArrayOutput 

type BindingArrayOutput struct{ *pulumi.OutputState }

func (BindingArrayOutput) ElementType 

func (BindingArrayOutput) ElementType() reflect.Type

func (BindingArrayOutput) Index 

func (o BindingArrayOutput) Index(i pulumi.IntInput) BindingOutput

func (BindingArrayOutput) ToBindingArrayOutput 

func (o BindingArrayOutput) ToBindingArrayOutput() BindingArrayOutput

func (BindingArrayOutput) ToBindingArrayOutputWithContext 

func (o BindingArrayOutput) ToBindingArrayOutputWithContext(ctx context.Context) BindingArrayOutput

type BindingInput 

type BindingInput interface {
	pulumi.Input

	ToBindingOutput() BindingOutput
	ToBindingOutputWithContext(context.Context) BindingOutput
}

BindingInput is an input type that accepts BindingArgs and BindingOutput values. You can construct a concrete instance of `BindingInput` via: 

BindingArgs{...}

type BindingOutput 

type BindingOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (BindingOutput) Condition 

func (o BindingOutput) Condition() ExprPtrOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingOutput) ElementType 

func (BindingOutput) ElementType() reflect.Type

func (BindingOutput) Members 

func (o BindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (BindingOutput) Role 

func (o BindingOutput) Role() pulumi.StringPtrOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingOutput) ToBindingOutput 

func (o BindingOutput) ToBindingOutput() BindingOutput

func (BindingOutput) ToBindingOutputWithContext 

func (o BindingOutput) ToBindingOutputWithContext(ctx context.Context) BindingOutput

type BindingResponse 

type BindingResponse struct {
	// The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Condition ExprResponse `pulumi:"condition"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members []string `pulumi:"members"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role string `pulumi:"role"`
}

Associates `members`, or principals, with a `role`.

type BindingResponseArrayOutput 

type BindingResponseArrayOutput struct{ *pulumi.OutputState }

func (BindingResponseArrayOutput) ElementType 

func (BindingResponseArrayOutput) ElementType() reflect.Type

func (BindingResponseArrayOutput) Index 

func (o BindingResponseArrayOutput) Index(i pulumi.IntInput) BindingResponseOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutput 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutput() BindingResponseArrayOutput

func (BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext 

func (o BindingResponseArrayOutput) ToBindingResponseArrayOutputWithContext(ctx context.Context) BindingResponseArrayOutput

type BindingResponseOutput 

type BindingResponseOutput struct{ *pulumi.OutputState }

Associates `members`, or principals, with a `role`.

func (BindingResponseOutput) Condition 

func (o BindingResponseOutput) Condition() ExprResponseOutput

The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the principals in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

func (BindingResponseOutput) ElementType 

func (BindingResponseOutput) ElementType() reflect.Type

func (BindingResponseOutput) Members 

func (o BindingResponseOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (BindingResponseOutput) Role 

func (o BindingResponseOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (BindingResponseOutput) ToBindingResponseOutput 

func (o BindingResponseOutput) ToBindingResponseOutput() BindingResponseOutput

func (BindingResponseOutput) ToBindingResponseOutputWithContext 

func (o BindingResponseOutput) ToBindingResponseOutputWithContext(ctx context.Context) BindingResponseOutput

type CaOptions 

type CaOptions struct {
	// Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
	IsCa *bool `pulumi:"isCa"`
	// Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
	MaxIssuerPathLength *int `pulumi:"maxIssuerPathLength"`
}

Describes values that are relevant in a CA certificate.

type CaOptionsArgs 

type CaOptionsArgs struct {
	// Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
	IsCa pulumi.BoolPtrInput `pulumi:"isCa"`
	// Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
	MaxIssuerPathLength pulumi.IntPtrInput `pulumi:"maxIssuerPathLength"`
}

Describes values that are relevant in a CA certificate.

func (CaOptionsArgs) ElementType 

func (CaOptionsArgs) ElementType() reflect.Type

func (CaOptionsArgs) ToCaOptionsOutput 

func (i CaOptionsArgs) ToCaOptionsOutput() CaOptionsOutput

func (CaOptionsArgs) ToCaOptionsOutputWithContext 

func (i CaOptionsArgs) ToCaOptionsOutputWithContext(ctx context.Context) CaOptionsOutput

func (CaOptionsArgs) ToCaOptionsPtrOutput 

func (i CaOptionsArgs) ToCaOptionsPtrOutput() CaOptionsPtrOutput

func (CaOptionsArgs) ToCaOptionsPtrOutputWithContext 

func (i CaOptionsArgs) ToCaOptionsPtrOutputWithContext(ctx context.Context) CaOptionsPtrOutput

type CaOptionsInput 

type CaOptionsInput interface {
	pulumi.Input

	ToCaOptionsOutput() CaOptionsOutput
	ToCaOptionsOutputWithContext(context.Context) CaOptionsOutput
}

CaOptionsInput is an input type that accepts CaOptionsArgs and CaOptionsOutput values. You can construct a concrete instance of `CaOptionsInput` via: 

CaOptionsArgs{...}

type CaOptionsOutput 

type CaOptionsOutput struct{ *pulumi.OutputState }

Describes values that are relevant in a CA certificate.

func (CaOptionsOutput) ElementType 

func (CaOptionsOutput) ElementType() reflect.Type

func (CaOptionsOutput) IsCa 

func (o CaOptionsOutput) IsCa() pulumi.BoolPtrOutput

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

func (CaOptionsOutput) MaxIssuerPathLength 

func (o CaOptionsOutput) MaxIssuerPathLength() pulumi.IntPtrOutput

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

func (CaOptionsOutput) ToCaOptionsOutput 

func (o CaOptionsOutput) ToCaOptionsOutput() CaOptionsOutput

func (CaOptionsOutput) ToCaOptionsOutputWithContext 

func (o CaOptionsOutput) ToCaOptionsOutputWithContext(ctx context.Context) CaOptionsOutput

func (CaOptionsOutput) ToCaOptionsPtrOutput 

func (o CaOptionsOutput) ToCaOptionsPtrOutput() CaOptionsPtrOutput

func (CaOptionsOutput) ToCaOptionsPtrOutputWithContext 

func (o CaOptionsOutput) ToCaOptionsPtrOutputWithContext(ctx context.Context) CaOptionsPtrOutput

type CaOptionsPtrInput 

type CaOptionsPtrInput interface {
	pulumi.Input

	ToCaOptionsPtrOutput() CaOptionsPtrOutput
	ToCaOptionsPtrOutputWithContext(context.Context) CaOptionsPtrOutput
}

CaOptionsPtrInput is an input type that accepts CaOptionsArgs, CaOptionsPtr and CaOptionsPtrOutput values. You can construct a concrete instance of `CaOptionsPtrInput` via: 

        CaOptionsArgs{...}

or:

        nil

func CaOptionsPtr 

func CaOptionsPtr(v *CaOptionsArgs) CaOptionsPtrInput

type CaOptionsPtrOutput 

type CaOptionsPtrOutput struct{ *pulumi.OutputState }

func (CaOptionsPtrOutput) Elem 

func (o CaOptionsPtrOutput) Elem() CaOptionsOutput

func (CaOptionsPtrOutput) ElementType 

func (CaOptionsPtrOutput) ElementType() reflect.Type

func (CaOptionsPtrOutput) IsCa 

func (o CaOptionsPtrOutput) IsCa() pulumi.BoolPtrOutput

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

func (CaOptionsPtrOutput) MaxIssuerPathLength 

func (o CaOptionsPtrOutput) MaxIssuerPathLength() pulumi.IntPtrOutput

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

func (CaOptionsPtrOutput) ToCaOptionsPtrOutput 

func (o CaOptionsPtrOutput) ToCaOptionsPtrOutput() CaOptionsPtrOutput

func (CaOptionsPtrOutput) ToCaOptionsPtrOutputWithContext 

func (o CaOptionsPtrOutput) ToCaOptionsPtrOutputWithContext(ctx context.Context) CaOptionsPtrOutput

type CaOptionsResponse 

type CaOptionsResponse struct {
	// Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.
	IsCa bool `pulumi:"isCa"`
	// Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.
	MaxIssuerPathLength int `pulumi:"maxIssuerPathLength"`
}

Describes values that are relevant in a CA certificate.

type CaOptionsResponseOutput 

type CaOptionsResponseOutput struct{ *pulumi.OutputState }

Describes values that are relevant in a CA certificate.

func (CaOptionsResponseOutput) ElementType 

func (CaOptionsResponseOutput) ElementType() reflect.Type

func (CaOptionsResponseOutput) IsCa 

func (o CaOptionsResponseOutput) IsCa() pulumi.BoolOutput

Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is missing, the extension will be omitted from the CA certificate.

func (CaOptionsResponseOutput) MaxIssuerPathLength 

func (o CaOptionsResponseOutput) MaxIssuerPathLength() pulumi.IntOutput

Optional. Refers to the path length restriction X.509 extension. For a CA certificate, this value describes the depth of subordinate CA certificates that are allowed. If this value is less than 0, the request will fail. If this value is missing, the max path length will be omitted from the CA certificate.

func (CaOptionsResponseOutput) ToCaOptionsResponseOutput 

func (o CaOptionsResponseOutput) ToCaOptionsResponseOutput() CaOptionsResponseOutput

func (CaOptionsResponseOutput) ToCaOptionsResponseOutputWithContext 

func (o CaOptionsResponseOutput) ToCaOptionsResponseOutputWithContext(ctx context.Context) CaOptionsResponseOutput

type CaPool 

type CaPool struct {
	pulumi.CustomResourceState

	// Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
	CaPoolId pulumi.StringOutput `pulumi:"caPoolId"`
	// Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
	IssuancePolicy IssuancePolicyResponseOutput `pulumi:"issuancePolicy"`
	// Optional. Labels with user-defined metadata.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.
	Name    pulumi.StringOutput `pulumi:"name"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
	PublishingOptions PublishingOptionsResponseOutput `pulumi:"publishingOptions"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrOutput `pulumi:"requestId"`
	// Immutable. The Tier of this CaPool.
	Tier pulumi.StringOutput `pulumi:"tier"`
}

Create a CaPool. Auto-naming is currently not supported for this resource.

func GetCaPool 

func GetCaPool(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolState, opts ...pulumi.ResourceOption) (*CaPool, error)

GetCaPool gets an existing CaPool resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPool 

func NewCaPool(ctx *pulumi.Context,
	name string, args *CaPoolArgs, opts ...pulumi.ResourceOption) (*CaPool, error)

NewCaPool registers a new resource with the given unique name, arguments, and options.

func (*CaPool) ElementType 

func (*CaPool) ElementType() reflect.Type

func (*CaPool) ToCaPoolOutput 

func (i *CaPool) ToCaPoolOutput() CaPoolOutput

func (*CaPool) ToCaPoolOutputWithContext 

func (i *CaPool) ToCaPoolOutputWithContext(ctx context.Context) CaPoolOutput

type CaPoolArgs 

type CaPoolArgs struct {
	// Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
	CaPoolId pulumi.StringInput
	// Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
	IssuancePolicy IssuancePolicyPtrInput
	// Optional. Labels with user-defined metadata.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
	PublishingOptions PublishingOptionsPtrInput
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrInput
	// Immutable. The Tier of this CaPool.
	Tier CaPoolTierInput
}

The set of arguments for constructing a CaPool resource.

func (CaPoolArgs) ElementType 

func (CaPoolArgs) ElementType() reflect.Type

type CaPoolCertificateAuthorityCertificateRevocationListIamBinding added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetCaPoolCertificateAuthorityCertificateRevocationListIamBinding added in v0.26.0 

func GetCaPoolCertificateAuthorityCertificateRevocationListIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolCertificateAuthorityCertificateRevocationListIamBindingState, opts ...pulumi.ResourceOption) (*CaPoolCertificateAuthorityCertificateRevocationListIamBinding, error)

GetCaPoolCertificateAuthorityCertificateRevocationListIamBinding gets an existing CaPoolCertificateAuthorityCertificateRevocationListIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPoolCertificateAuthorityCertificateRevocationListIamBinding added in v0.26.0 

func NewCaPoolCertificateAuthorityCertificateRevocationListIamBinding(ctx *pulumi.Context,
	name string, args *CaPoolCertificateAuthorityCertificateRevocationListIamBindingArgs, opts ...pulumi.ResourceOption) (*CaPoolCertificateAuthorityCertificateRevocationListIamBinding, error)

NewCaPoolCertificateAuthorityCertificateRevocationListIamBinding registers a new resource with the given unique name, arguments, and options.

func (*CaPoolCertificateAuthorityCertificateRevocationListIamBinding) ElementType added in v0.26.0 

func (*CaPoolCertificateAuthorityCertificateRevocationListIamBinding) ElementType() reflect.Type

func (*CaPoolCertificateAuthorityCertificateRevocationListIamBinding) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput added in v0.26.0 

func (i *CaPoolCertificateAuthorityCertificateRevocationListIamBinding) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput() CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput

func (*CaPoolCertificateAuthorityCertificateRevocationListIamBinding) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutputWithContext added in v0.26.0 

func (i *CaPoolCertificateAuthorityCertificateRevocationListIamBinding) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingArgs added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a CaPoolCertificateAuthorityCertificateRevocationListIamBinding resource.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingArgs) ElementType added in v0.26.0 

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingArgs) ElementType() reflect.Type

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingInput added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingInput interface {
	pulumi.Input

	ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput() CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput
	ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput
}

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput struct{ *pulumi.OutputState }

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Condition added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) ElementType added in v0.26.0 

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) ElementType() reflect.Type

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Etag added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Members added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Name added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Project added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Role added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput() CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutputWithContext added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamBindingOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamBindingOutput

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingState added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamBindingState struct {
}

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingState) ElementType added in v0.26.0 

func (CaPoolCertificateAuthorityCertificateRevocationListIamBindingState) ElementType() reflect.Type

type CaPoolCertificateAuthorityCertificateRevocationListIamMember added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetCaPoolCertificateAuthorityCertificateRevocationListIamMember added in v0.26.0 

func GetCaPoolCertificateAuthorityCertificateRevocationListIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolCertificateAuthorityCertificateRevocationListIamMemberState, opts ...pulumi.ResourceOption) (*CaPoolCertificateAuthorityCertificateRevocationListIamMember, error)

GetCaPoolCertificateAuthorityCertificateRevocationListIamMember gets an existing CaPoolCertificateAuthorityCertificateRevocationListIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPoolCertificateAuthorityCertificateRevocationListIamMember added in v0.26.0 

func NewCaPoolCertificateAuthorityCertificateRevocationListIamMember(ctx *pulumi.Context,
	name string, args *CaPoolCertificateAuthorityCertificateRevocationListIamMemberArgs, opts ...pulumi.ResourceOption) (*CaPoolCertificateAuthorityCertificateRevocationListIamMember, error)

NewCaPoolCertificateAuthorityCertificateRevocationListIamMember registers a new resource with the given unique name, arguments, and options.

func (*CaPoolCertificateAuthorityCertificateRevocationListIamMember) ElementType added in v0.26.0 

func (*CaPoolCertificateAuthorityCertificateRevocationListIamMember) ElementType() reflect.Type

func (*CaPoolCertificateAuthorityCertificateRevocationListIamMember) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput added in v0.26.0 

func (i *CaPoolCertificateAuthorityCertificateRevocationListIamMember) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput() CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput

func (*CaPoolCertificateAuthorityCertificateRevocationListIamMember) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutputWithContext added in v0.26.0 

func (i *CaPoolCertificateAuthorityCertificateRevocationListIamMember) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberArgs added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a CaPoolCertificateAuthorityCertificateRevocationListIamMember resource.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberArgs) ElementType added in v0.26.0 

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberArgs) ElementType() reflect.Type

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberInput added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberInput interface {
	pulumi.Input

	ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput() CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput
	ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput
}

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput struct{ *pulumi.OutputState }

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Condition added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) ElementType added in v0.26.0 

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) ElementType() reflect.Type

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Etag added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Member added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Member() pulumi.StringOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Name added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Project added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Role added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput() CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutputWithContext added in v0.26.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamMemberOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamMemberOutput

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberState added in v0.26.0 

type CaPoolCertificateAuthorityCertificateRevocationListIamMemberState struct {
}

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberState) ElementType added in v0.26.0 

func (CaPoolCertificateAuthorityCertificateRevocationListIamMemberState) ElementType() reflect.Type

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicy 

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings                    BindingResponseArrayOutput `pulumi:"bindings"`
	CaPoolId                    pulumi.StringOutput        `pulumi:"caPoolId"`
	CertificateAuthorityId      pulumi.StringOutput        `pulumi:"certificateAuthorityId"`
	CertificateRevocationListId pulumi.StringOutput        `pulumi:"certificateRevocationListId"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringOutput `pulumi:"etag"`
	Location pulumi.StringOutput `pulumi:"location"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetCaPoolCertificateAuthorityCertificateRevocationListIamPolicy 

func GetCaPoolCertificateAuthorityCertificateRevocationListIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolCertificateAuthorityCertificateRevocationListIamPolicyState, opts ...pulumi.ResourceOption) (*CaPoolCertificateAuthorityCertificateRevocationListIamPolicy, error)

GetCaPoolCertificateAuthorityCertificateRevocationListIamPolicy gets an existing CaPoolCertificateAuthorityCertificateRevocationListIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPoolCertificateAuthorityCertificateRevocationListIamPolicy 

func NewCaPoolCertificateAuthorityCertificateRevocationListIamPolicy(ctx *pulumi.Context,
	name string, args *CaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs, opts ...pulumi.ResourceOption) (*CaPoolCertificateAuthorityCertificateRevocationListIamPolicy, error)

NewCaPoolCertificateAuthorityCertificateRevocationListIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*CaPoolCertificateAuthorityCertificateRevocationListIamPolicy) ElementType 

func (*CaPoolCertificateAuthorityCertificateRevocationListIamPolicy) ElementType() reflect.Type

func (*CaPoolCertificateAuthorityCertificateRevocationListIamPolicy) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput 

func (i *CaPoolCertificateAuthorityCertificateRevocationListIamPolicy) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput() CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput

func (*CaPoolCertificateAuthorityCertificateRevocationListIamPolicy) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputWithContext 

func (i *CaPoolCertificateAuthorityCertificateRevocationListIamPolicy) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs 

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings                    BindingArrayInput
	CaPoolId                    pulumi.StringInput
	CertificateAuthorityId      pulumi.StringInput
	CertificateRevocationListId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a CaPoolCertificateAuthorityCertificateRevocationListIamPolicy resource.

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs) ElementType 

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs) ElementType() reflect.Type

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyInput 

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyInput interface {
	pulumi.Input

	ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput() CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput
	ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput
}

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput 

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput struct{ *pulumi.OutputState }

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Bindings added in v0.19.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) CaPoolId added in v0.21.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) CaPoolId() pulumi.StringOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) CertificateAuthorityId added in v0.21.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) CertificateAuthorityId() pulumi.StringOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) CertificateRevocationListId added in v0.21.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) CertificateRevocationListId() pulumi.StringOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) ElementType 

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) ElementType() reflect.Type

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Etag added in v0.19.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Location added in v0.21.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Location() pulumi.StringOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Project added in v0.21.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Project() pulumi.StringOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput() CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputWithContext 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) ToCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputWithContext(ctx context.Context) CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Version added in v0.19.0 

func (o CaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyState 

type CaPoolCertificateAuthorityCertificateRevocationListIamPolicyState struct {
}

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyState) ElementType 

func (CaPoolCertificateAuthorityCertificateRevocationListIamPolicyState) ElementType() reflect.Type

type CaPoolIamBinding added in v0.26.0 

type CaPoolIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetCaPoolIamBinding added in v0.26.0 

func GetCaPoolIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolIamBindingState, opts ...pulumi.ResourceOption) (*CaPoolIamBinding, error)

GetCaPoolIamBinding gets an existing CaPoolIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPoolIamBinding added in v0.26.0 

func NewCaPoolIamBinding(ctx *pulumi.Context,
	name string, args *CaPoolIamBindingArgs, opts ...pulumi.ResourceOption) (*CaPoolIamBinding, error)

NewCaPoolIamBinding registers a new resource with the given unique name, arguments, and options.

func (*CaPoolIamBinding) ElementType added in v0.26.0 

func (*CaPoolIamBinding) ElementType() reflect.Type

func (*CaPoolIamBinding) ToCaPoolIamBindingOutput added in v0.26.0 

func (i *CaPoolIamBinding) ToCaPoolIamBindingOutput() CaPoolIamBindingOutput

func (*CaPoolIamBinding) ToCaPoolIamBindingOutputWithContext added in v0.26.0 

func (i *CaPoolIamBinding) ToCaPoolIamBindingOutputWithContext(ctx context.Context) CaPoolIamBindingOutput

type CaPoolIamBindingArgs added in v0.26.0 

type CaPoolIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a CaPoolIamBinding resource.

func (CaPoolIamBindingArgs) ElementType added in v0.26.0 

func (CaPoolIamBindingArgs) ElementType() reflect.Type

type CaPoolIamBindingInput added in v0.26.0 

type CaPoolIamBindingInput interface {
	pulumi.Input

	ToCaPoolIamBindingOutput() CaPoolIamBindingOutput
	ToCaPoolIamBindingOutputWithContext(ctx context.Context) CaPoolIamBindingOutput
}

type CaPoolIamBindingOutput added in v0.26.0 

type CaPoolIamBindingOutput struct{ *pulumi.OutputState }

func (CaPoolIamBindingOutput) Condition added in v0.26.0 

func (o CaPoolIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (CaPoolIamBindingOutput) ElementType added in v0.26.0 

func (CaPoolIamBindingOutput) ElementType() reflect.Type

func (CaPoolIamBindingOutput) Etag added in v0.26.0 

func (o CaPoolIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (CaPoolIamBindingOutput) Members added in v0.26.0 

func (o CaPoolIamBindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (CaPoolIamBindingOutput) Name added in v0.26.0 

func (o CaPoolIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (CaPoolIamBindingOutput) Project added in v0.26.0 

func (o CaPoolIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (CaPoolIamBindingOutput) Role added in v0.26.0 

func (o CaPoolIamBindingOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (CaPoolIamBindingOutput) ToCaPoolIamBindingOutput added in v0.26.0 

func (o CaPoolIamBindingOutput) ToCaPoolIamBindingOutput() CaPoolIamBindingOutput

func (CaPoolIamBindingOutput) ToCaPoolIamBindingOutputWithContext added in v0.26.0 

func (o CaPoolIamBindingOutput) ToCaPoolIamBindingOutputWithContext(ctx context.Context) CaPoolIamBindingOutput

type CaPoolIamBindingState added in v0.26.0 

type CaPoolIamBindingState struct {
}

func (CaPoolIamBindingState) ElementType added in v0.26.0 

func (CaPoolIamBindingState) ElementType() reflect.Type

type CaPoolIamMember added in v0.26.0 

type CaPoolIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetCaPoolIamMember added in v0.26.0 

func GetCaPoolIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolIamMemberState, opts ...pulumi.ResourceOption) (*CaPoolIamMember, error)

GetCaPoolIamMember gets an existing CaPoolIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPoolIamMember added in v0.26.0 

func NewCaPoolIamMember(ctx *pulumi.Context,
	name string, args *CaPoolIamMemberArgs, opts ...pulumi.ResourceOption) (*CaPoolIamMember, error)

NewCaPoolIamMember registers a new resource with the given unique name, arguments, and options.

func (*CaPoolIamMember) ElementType added in v0.26.0 

func (*CaPoolIamMember) ElementType() reflect.Type

func (*CaPoolIamMember) ToCaPoolIamMemberOutput added in v0.26.0 

func (i *CaPoolIamMember) ToCaPoolIamMemberOutput() CaPoolIamMemberOutput

func (*CaPoolIamMember) ToCaPoolIamMemberOutputWithContext added in v0.26.0 

func (i *CaPoolIamMember) ToCaPoolIamMemberOutputWithContext(ctx context.Context) CaPoolIamMemberOutput

type CaPoolIamMemberArgs added in v0.26.0 

type CaPoolIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a CaPoolIamMember resource.

func (CaPoolIamMemberArgs) ElementType added in v0.26.0 

func (CaPoolIamMemberArgs) ElementType() reflect.Type

type CaPoolIamMemberInput added in v0.26.0 

type CaPoolIamMemberInput interface {
	pulumi.Input

	ToCaPoolIamMemberOutput() CaPoolIamMemberOutput
	ToCaPoolIamMemberOutputWithContext(ctx context.Context) CaPoolIamMemberOutput
}

type CaPoolIamMemberOutput added in v0.26.0 

type CaPoolIamMemberOutput struct{ *pulumi.OutputState }

func (CaPoolIamMemberOutput) Condition added in v0.26.0 

func (o CaPoolIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (CaPoolIamMemberOutput) ElementType added in v0.26.0 

func (CaPoolIamMemberOutput) ElementType() reflect.Type

func (CaPoolIamMemberOutput) Etag added in v0.26.0 

func (o CaPoolIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (CaPoolIamMemberOutput) Member added in v0.26.0 

func (o CaPoolIamMemberOutput) Member() pulumi.StringOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (CaPoolIamMemberOutput) Name added in v0.26.0 

func (o CaPoolIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (CaPoolIamMemberOutput) Project added in v0.26.0 

func (o CaPoolIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (CaPoolIamMemberOutput) Role added in v0.26.0 

func (o CaPoolIamMemberOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (CaPoolIamMemberOutput) ToCaPoolIamMemberOutput added in v0.26.0 

func (o CaPoolIamMemberOutput) ToCaPoolIamMemberOutput() CaPoolIamMemberOutput

func (CaPoolIamMemberOutput) ToCaPoolIamMemberOutputWithContext added in v0.26.0 

func (o CaPoolIamMemberOutput) ToCaPoolIamMemberOutputWithContext(ctx context.Context) CaPoolIamMemberOutput

type CaPoolIamMemberState added in v0.26.0 

type CaPoolIamMemberState struct {
}

func (CaPoolIamMemberState) ElementType added in v0.26.0 

func (CaPoolIamMemberState) ElementType() reflect.Type

type CaPoolIamPolicy 

type CaPoolIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingResponseArrayOutput `pulumi:"bindings"`
	CaPoolId pulumi.StringOutput        `pulumi:"caPoolId"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringOutput `pulumi:"etag"`
	Location pulumi.StringOutput `pulumi:"location"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetCaPoolIamPolicy 

func GetCaPoolIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CaPoolIamPolicyState, opts ...pulumi.ResourceOption) (*CaPoolIamPolicy, error)

GetCaPoolIamPolicy gets an existing CaPoolIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCaPoolIamPolicy 

func NewCaPoolIamPolicy(ctx *pulumi.Context,
	name string, args *CaPoolIamPolicyArgs, opts ...pulumi.ResourceOption) (*CaPoolIamPolicy, error)

NewCaPoolIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*CaPoolIamPolicy) ElementType 

func (*CaPoolIamPolicy) ElementType() reflect.Type

func (*CaPoolIamPolicy) ToCaPoolIamPolicyOutput 

func (i *CaPoolIamPolicy) ToCaPoolIamPolicyOutput() CaPoolIamPolicyOutput

func (*CaPoolIamPolicy) ToCaPoolIamPolicyOutputWithContext 

func (i *CaPoolIamPolicy) ToCaPoolIamPolicyOutputWithContext(ctx context.Context) CaPoolIamPolicyOutput

type CaPoolIamPolicyArgs 

type CaPoolIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings BindingArrayInput
	CaPoolId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a CaPoolIamPolicy resource.

func (CaPoolIamPolicyArgs) ElementType 

func (CaPoolIamPolicyArgs) ElementType() reflect.Type

type CaPoolIamPolicyInput 

type CaPoolIamPolicyInput interface {
	pulumi.Input

	ToCaPoolIamPolicyOutput() CaPoolIamPolicyOutput
	ToCaPoolIamPolicyOutputWithContext(ctx context.Context) CaPoolIamPolicyOutput
}

type CaPoolIamPolicyOutput 

type CaPoolIamPolicyOutput struct{ *pulumi.OutputState }

func (CaPoolIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o CaPoolIamPolicyOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (CaPoolIamPolicyOutput) Bindings added in v0.19.0 

func (o CaPoolIamPolicyOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (CaPoolIamPolicyOutput) CaPoolId added in v0.21.0 

func (o CaPoolIamPolicyOutput) CaPoolId() pulumi.StringOutput

func (CaPoolIamPolicyOutput) ElementType 

func (CaPoolIamPolicyOutput) ElementType() reflect.Type

func (CaPoolIamPolicyOutput) Etag added in v0.19.0 

func (o CaPoolIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (CaPoolIamPolicyOutput) Location added in v0.21.0 

func (o CaPoolIamPolicyOutput) Location() pulumi.StringOutput

func (CaPoolIamPolicyOutput) Project added in v0.21.0 

func (o CaPoolIamPolicyOutput) Project() pulumi.StringOutput

func (CaPoolIamPolicyOutput) ToCaPoolIamPolicyOutput 

func (o CaPoolIamPolicyOutput) ToCaPoolIamPolicyOutput() CaPoolIamPolicyOutput

func (CaPoolIamPolicyOutput) ToCaPoolIamPolicyOutputWithContext 

func (o CaPoolIamPolicyOutput) ToCaPoolIamPolicyOutputWithContext(ctx context.Context) CaPoolIamPolicyOutput

func (CaPoolIamPolicyOutput) Version added in v0.19.0 

func (o CaPoolIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type CaPoolIamPolicyState 

type CaPoolIamPolicyState struct {
}

func (CaPoolIamPolicyState) ElementType 

func (CaPoolIamPolicyState) ElementType() reflect.Type

type CaPoolInput 

type CaPoolInput interface {
	pulumi.Input

	ToCaPoolOutput() CaPoolOutput
	ToCaPoolOutputWithContext(ctx context.Context) CaPoolOutput
}

type CaPoolOutput 

type CaPoolOutput struct{ *pulumi.OutputState }

func (CaPoolOutput) CaPoolId added in v0.21.0 

func (o CaPoolOutput) CaPoolId() pulumi.StringOutput

Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`

func (CaPoolOutput) ElementType 

func (CaPoolOutput) ElementType() reflect.Type

func (CaPoolOutput) IssuancePolicy added in v0.19.0 

func (o CaPoolOutput) IssuancePolicy() IssuancePolicyResponseOutput

Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.

func (CaPoolOutput) Labels added in v0.19.0 

func (o CaPoolOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (CaPoolOutput) Location added in v0.21.0 

func (o CaPoolOutput) Location() pulumi.StringOutput

func (CaPoolOutput) Name added in v0.19.0 

func (o CaPoolOutput) Name() pulumi.StringOutput

The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.

func (CaPoolOutput) Project added in v0.21.0 

func (o CaPoolOutput) Project() pulumi.StringOutput

func (CaPoolOutput) PublishingOptions added in v0.19.0 

func (o CaPoolOutput) PublishingOptions() PublishingOptionsResponseOutput

Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.

func (CaPoolOutput) RequestId added in v0.21.0 

func (o CaPoolOutput) RequestId() pulumi.StringPtrOutput

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

func (CaPoolOutput) Tier added in v0.19.0 

func (o CaPoolOutput) Tier() pulumi.StringOutput

Immutable. The Tier of this CaPool.

func (CaPoolOutput) ToCaPoolOutput 

func (o CaPoolOutput) ToCaPoolOutput() CaPoolOutput

func (CaPoolOutput) ToCaPoolOutputWithContext 

func (o CaPoolOutput) ToCaPoolOutputWithContext(ctx context.Context) CaPoolOutput

type CaPoolState 

type CaPoolState struct {
}

func (CaPoolState) ElementType 

func (CaPoolState) ElementType() reflect.Type

type CaPoolTier 

type CaPoolTier string

Required. Immutable. The Tier of this CaPool.

func (CaPoolTier) ElementType 

func (CaPoolTier) ElementType() reflect.Type

func (CaPoolTier) ToCaPoolTierOutput added in v0.6.0 

func (e CaPoolTier) ToCaPoolTierOutput() CaPoolTierOutput

func (CaPoolTier) ToCaPoolTierOutputWithContext added in v0.6.0 

func (e CaPoolTier) ToCaPoolTierOutputWithContext(ctx context.Context) CaPoolTierOutput

func (CaPoolTier) ToCaPoolTierPtrOutput added in v0.6.0 

func (e CaPoolTier) ToCaPoolTierPtrOutput() CaPoolTierPtrOutput

func (CaPoolTier) ToCaPoolTierPtrOutputWithContext added in v0.6.0 

func (e CaPoolTier) ToCaPoolTierPtrOutputWithContext(ctx context.Context) CaPoolTierPtrOutput

func (CaPoolTier) ToStringOutput 

func (e CaPoolTier) ToStringOutput() pulumi.StringOutput

func (CaPoolTier) ToStringOutputWithContext 

func (e CaPoolTier) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CaPoolTier) ToStringPtrOutput 

func (e CaPoolTier) ToStringPtrOutput() pulumi.StringPtrOutput

func (CaPoolTier) ToStringPtrOutputWithContext 

func (e CaPoolTier) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CaPoolTierInput added in v0.6.0 

type CaPoolTierInput interface {
	pulumi.Input

	ToCaPoolTierOutput() CaPoolTierOutput
	ToCaPoolTierOutputWithContext(context.Context) CaPoolTierOutput
}

CaPoolTierInput is an input type that accepts CaPoolTierArgs and CaPoolTierOutput values. You can construct a concrete instance of `CaPoolTierInput` via: 

CaPoolTierArgs{...}

type CaPoolTierOutput added in v0.6.0 

type CaPoolTierOutput struct{ *pulumi.OutputState }

func (CaPoolTierOutput) ElementType added in v0.6.0 

func (CaPoolTierOutput) ElementType() reflect.Type

func (CaPoolTierOutput) ToCaPoolTierOutput added in v0.6.0 

func (o CaPoolTierOutput) ToCaPoolTierOutput() CaPoolTierOutput

func (CaPoolTierOutput) ToCaPoolTierOutputWithContext added in v0.6.0 

func (o CaPoolTierOutput) ToCaPoolTierOutputWithContext(ctx context.Context) CaPoolTierOutput

func (CaPoolTierOutput) ToCaPoolTierPtrOutput added in v0.6.0 

func (o CaPoolTierOutput) ToCaPoolTierPtrOutput() CaPoolTierPtrOutput

func (CaPoolTierOutput) ToCaPoolTierPtrOutputWithContext added in v0.6.0 

func (o CaPoolTierOutput) ToCaPoolTierPtrOutputWithContext(ctx context.Context) CaPoolTierPtrOutput

func (CaPoolTierOutput) ToStringOutput added in v0.6.0 

func (o CaPoolTierOutput) ToStringOutput() pulumi.StringOutput

func (CaPoolTierOutput) ToStringOutputWithContext added in v0.6.0 

func (o CaPoolTierOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CaPoolTierOutput) ToStringPtrOutput added in v0.6.0 

func (o CaPoolTierOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CaPoolTierOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CaPoolTierOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CaPoolTierPtrInput added in v0.6.0 

type CaPoolTierPtrInput interface {
	pulumi.Input

	ToCaPoolTierPtrOutput() CaPoolTierPtrOutput
	ToCaPoolTierPtrOutputWithContext(context.Context) CaPoolTierPtrOutput
}

func CaPoolTierPtr added in v0.6.0 

func CaPoolTierPtr(v string) CaPoolTierPtrInput

type CaPoolTierPtrOutput added in v0.6.0 

type CaPoolTierPtrOutput struct{ *pulumi.OutputState }

func (CaPoolTierPtrOutput) Elem added in v0.6.0 

func (o CaPoolTierPtrOutput) Elem() CaPoolTierOutput

func (CaPoolTierPtrOutput) ElementType added in v0.6.0 

func (CaPoolTierPtrOutput) ElementType() reflect.Type

func (CaPoolTierPtrOutput) ToCaPoolTierPtrOutput added in v0.6.0 

func (o CaPoolTierPtrOutput) ToCaPoolTierPtrOutput() CaPoolTierPtrOutput

func (CaPoolTierPtrOutput) ToCaPoolTierPtrOutputWithContext added in v0.6.0 

func (o CaPoolTierPtrOutput) ToCaPoolTierPtrOutputWithContext(ctx context.Context) CaPoolTierPtrOutput

func (CaPoolTierPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o CaPoolTierPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CaPoolTierPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CaPoolTierPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type Certificate 

type Certificate struct {
	pulumi.CustomResourceState

	CaPoolId pulumi.StringOutput `pulumi:"caPoolId"`
	// A structured description of the issued X.509 certificate.
	CertificateDescription CertificateDescriptionResponseOutput `pulumi:"certificateDescription"`
	// Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.
	CertificateId pulumi.StringPtrOutput `pulumi:"certificateId"`
	// Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
	CertificateTemplate pulumi.StringOutput `pulumi:"certificateTemplate"`
	// Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
	Config CertificateConfigResponseOutput `pulumi:"config"`
	// The time at which this Certificate was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	IssuerCertificateAuthority pulumi.StringOutput `pulumi:"issuerCertificateAuthority"`
	// Optional. The resource ID of the CertificateAuthority that should issue the certificate. This optional field will ignore the load-balancing scheme of the Pool and directly issue the certificate from the CA with the specified ID, contained in the same CaPool referenced by `parent`. Per-CA quota rules apply. If left empty, a CertificateAuthority will be chosen from the CaPool by the service. For example, to issue a Certificate from a Certificate Authority with resource name "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca", you can set the parent to "projects/my-project/locations/us-central1/caPools/my-pool" and the issuing_certificate_authority_id to "my-ca".
	IssuingCertificateAuthorityId pulumi.StringPtrOutput `pulumi:"issuingCertificateAuthorityId"`
	// Optional. Labels with user-defined metadata.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
	Lifetime pulumi.StringOutput `pulumi:"lifetime"`
	Location pulumi.StringOutput `pulumi:"location"`
	// The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
	Name pulumi.StringOutput `pulumi:"name"`
	// The pem-encoded, signed X.509 certificate.
	PemCertificate pulumi.StringOutput `pulumi:"pemCertificate"`
	// The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
	PemCertificateChain pulumi.StringArrayOutput `pulumi:"pemCertificateChain"`
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr  pulumi.StringOutput `pulumi:"pemCsr"`
	Project pulumi.StringOutput `pulumi:"project"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrOutput `pulumi:"requestId"`
	// Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
	RevocationDetails RevocationDetailsResponseOutput `pulumi:"revocationDetails"`
	// Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
	SubjectMode pulumi.StringOutput `pulumi:"subjectMode"`
	// The time at which this Certificate was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Create a new Certificate in a given Project, Location from a particular CaPool. Auto-naming is currently not supported for this resource. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetCertificate 

func GetCertificate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateState, opts ...pulumi.ResourceOption) (*Certificate, error)

GetCertificate gets an existing Certificate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificate 

func NewCertificate(ctx *pulumi.Context,
	name string, args *CertificateArgs, opts ...pulumi.ResourceOption) (*Certificate, error)

NewCertificate registers a new resource with the given unique name, arguments, and options.

func (*Certificate) ElementType 

func (*Certificate) ElementType() reflect.Type

func (*Certificate) ToCertificateOutput 

func (i *Certificate) ToCertificateOutput() CertificateOutput

func (*Certificate) ToCertificateOutputWithContext 

func (i *Certificate) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

type CertificateArgs 

type CertificateArgs struct {
	CaPoolId pulumi.StringInput
	// Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.
	CertificateId pulumi.StringPtrInput
	// Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
	CertificateTemplate pulumi.StringPtrInput
	// Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
	Config CertificateConfigPtrInput
	// Optional. The resource ID of the CertificateAuthority that should issue the certificate. This optional field will ignore the load-balancing scheme of the Pool and directly issue the certificate from the CA with the specified ID, contained in the same CaPool referenced by `parent`. Per-CA quota rules apply. If left empty, a CertificateAuthority will be chosen from the CaPool by the service. For example, to issue a Certificate from a Certificate Authority with resource name "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca", you can set the parent to "projects/my-project/locations/us-central1/caPools/my-pool" and the issuing_certificate_authority_id to "my-ca".
	IssuingCertificateAuthorityId pulumi.StringPtrInput
	// Optional. Labels with user-defined metadata.
	Labels pulumi.StringMapInput
	// Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
	Lifetime pulumi.StringInput
	Location pulumi.StringPtrInput
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr  pulumi.StringPtrInput
	Project pulumi.StringPtrInput
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrInput
	// Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
	SubjectMode CertificateSubjectModePtrInput
}

The set of arguments for constructing a Certificate resource.

func (CertificateArgs) ElementType 

func (CertificateArgs) ElementType() reflect.Type

type CertificateAuthority 

type CertificateAuthority struct {
	pulumi.CustomResourceState

	// URLs for accessing content published by this CA, such as the CA certificate and CRLs.
	AccessUrls AccessUrlsResponseOutput `pulumi:"accessUrls"`
	// A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
	CaCertificateDescriptions CertificateDescriptionResponseArrayOutput `pulumi:"caCertificateDescriptions"`
	CaPoolId                  pulumi.StringOutput                       `pulumi:"caPoolId"`
	// Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
	CertificateAuthorityId pulumi.StringOutput `pulumi:"certificateAuthorityId"`
	// Immutable. The config used to create a self-signed X.509 certificate or CSR.
	Config CertificateConfigResponseOutput `pulumi:"config"`
	// The time at which this CertificateAuthority was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
	DeleteTime pulumi.StringOutput `pulumi:"deleteTime"`
	// The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
	ExpireTime pulumi.StringOutput `pulumi:"expireTime"`
	// Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
	GcsBucket pulumi.StringOutput `pulumi:"gcsBucket"`
	// Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
	KeySpec KeyVersionSpecResponseOutput `pulumi:"keySpec"`
	// Optional. Labels with user-defined metadata.
	Labels pulumi.StringMapOutput `pulumi:"labels"`
	// Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
	Lifetime pulumi.StringOutput `pulumi:"lifetime"`
	Location pulumi.StringOutput `pulumi:"location"`
	// The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name pulumi.StringOutput `pulumi:"name"`
	// This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
	PemCaCertificates pulumi.StringArrayOutput `pulumi:"pemCaCertificates"`
	Project           pulumi.StringOutput      `pulumi:"project"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrOutput `pulumi:"requestId"`
	// The State for this CertificateAuthority.
	State pulumi.StringOutput `pulumi:"state"`
	// Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
	SubordinateConfig SubordinateConfigResponseOutput `pulumi:"subordinateConfig"`
	// The CaPool.Tier of the CaPool that includes this CertificateAuthority.
	Tier pulumi.StringOutput `pulumi:"tier"`
	// Immutable. The Type of this CertificateAuthority.
	Type pulumi.StringOutput `pulumi:"type"`
	// The time at which this CertificateAuthority was last updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Create a new CertificateAuthority in a given Project and Location. Auto-naming is currently not supported for this resource.

func GetCertificateAuthority 

func GetCertificateAuthority(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateAuthorityState, opts ...pulumi.ResourceOption) (*CertificateAuthority, error)

GetCertificateAuthority gets an existing CertificateAuthority resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateAuthority 

func NewCertificateAuthority(ctx *pulumi.Context,
	name string, args *CertificateAuthorityArgs, opts ...pulumi.ResourceOption) (*CertificateAuthority, error)

NewCertificateAuthority registers a new resource with the given unique name, arguments, and options.

func (*CertificateAuthority) ElementType 

func (*CertificateAuthority) ElementType() reflect.Type

func (*CertificateAuthority) ToCertificateAuthorityOutput 

func (i *CertificateAuthority) ToCertificateAuthorityOutput() CertificateAuthorityOutput

func (*CertificateAuthority) ToCertificateAuthorityOutputWithContext 

func (i *CertificateAuthority) ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput

type CertificateAuthorityArgs 

type CertificateAuthorityArgs struct {
	CaPoolId pulumi.StringInput
	// Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
	CertificateAuthorityId pulumi.StringInput
	// Immutable. The config used to create a self-signed X.509 certificate or CSR.
	Config CertificateConfigInput
	// Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
	GcsBucket pulumi.StringPtrInput
	// Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
	KeySpec KeyVersionSpecInput
	// Optional. Labels with user-defined metadata.
	Labels pulumi.StringMapInput
	// Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
	Lifetime pulumi.StringInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrInput
	// Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
	SubordinateConfig SubordinateConfigPtrInput
	// Immutable. The Type of this CertificateAuthority.
	Type CertificateAuthorityTypeInput
}

The set of arguments for constructing a CertificateAuthority resource.

func (CertificateAuthorityArgs) ElementType 

func (CertificateAuthorityArgs) ElementType() reflect.Type

type CertificateAuthorityInput 

type CertificateAuthorityInput interface {
	pulumi.Input

	ToCertificateAuthorityOutput() CertificateAuthorityOutput
	ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput
}

type CertificateAuthorityOutput 

type CertificateAuthorityOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityOutput) AccessUrls added in v0.19.0 

func (o CertificateAuthorityOutput) AccessUrls() AccessUrlsResponseOutput

URLs for accessing content published by this CA, such as the CA certificate and CRLs.

func (CertificateAuthorityOutput) CaCertificateDescriptions added in v0.19.0 

func (o CertificateAuthorityOutput) CaCertificateDescriptions() CertificateDescriptionResponseArrayOutput

A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.

func (CertificateAuthorityOutput) CaPoolId added in v0.21.0 

func (o CertificateAuthorityOutput) CaPoolId() pulumi.StringOutput

func (CertificateAuthorityOutput) CertificateAuthorityId added in v0.21.0 

func (o CertificateAuthorityOutput) CertificateAuthorityId() pulumi.StringOutput

Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`

func (CertificateAuthorityOutput) Config added in v0.19.0 

func (o CertificateAuthorityOutput) Config() CertificateConfigResponseOutput

Immutable. The config used to create a self-signed X.509 certificate or CSR.

func (CertificateAuthorityOutput) CreateTime added in v0.19.0 

func (o CertificateAuthorityOutput) CreateTime() pulumi.StringOutput

The time at which this CertificateAuthority was created.

func (CertificateAuthorityOutput) DeleteTime added in v0.19.0 

func (o CertificateAuthorityOutput) DeleteTime() pulumi.StringOutput

The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.

func (CertificateAuthorityOutput) ElementType 

func (CertificateAuthorityOutput) ElementType() reflect.Type

func (CertificateAuthorityOutput) ExpireTime added in v0.19.0 

func (o CertificateAuthorityOutput) ExpireTime() pulumi.StringOutput

The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.

func (CertificateAuthorityOutput) GcsBucket added in v0.19.0 

func (o CertificateAuthorityOutput) GcsBucket() pulumi.StringOutput

Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.

func (CertificateAuthorityOutput) KeySpec added in v0.19.0 

func (o CertificateAuthorityOutput) KeySpec() KeyVersionSpecResponseOutput

Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.

func (CertificateAuthorityOutput) Labels added in v0.19.0 

func (o CertificateAuthorityOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (CertificateAuthorityOutput) Lifetime added in v0.19.0 

func (o CertificateAuthorityOutput) Lifetime() pulumi.StringOutput

Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.

func (CertificateAuthorityOutput) Location added in v0.21.0 

func (o CertificateAuthorityOutput) Location() pulumi.StringOutput

func (CertificateAuthorityOutput) Name added in v0.19.0 

func (o CertificateAuthorityOutput) Name() pulumi.StringOutput

The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (CertificateAuthorityOutput) PemCaCertificates added in v0.19.0 

func (o CertificateAuthorityOutput) PemCaCertificates() pulumi.StringArrayOutput

This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.

func (CertificateAuthorityOutput) Project added in v0.21.0 

func (o CertificateAuthorityOutput) Project() pulumi.StringOutput

func (CertificateAuthorityOutput) RequestId added in v0.21.0 

func (o CertificateAuthorityOutput) RequestId() pulumi.StringPtrOutput

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

func (CertificateAuthorityOutput) State added in v0.19.0 

func (o CertificateAuthorityOutput) State() pulumi.StringOutput

The State for this CertificateAuthority.

func (CertificateAuthorityOutput) SubordinateConfig added in v0.19.0 

func (o CertificateAuthorityOutput) SubordinateConfig() SubordinateConfigResponseOutput

Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.

func (CertificateAuthorityOutput) Tier added in v0.19.0 

func (o CertificateAuthorityOutput) Tier() pulumi.StringOutput

The CaPool.Tier of the CaPool that includes this CertificateAuthority.

func (CertificateAuthorityOutput) ToCertificateAuthorityOutput 

func (o CertificateAuthorityOutput) ToCertificateAuthorityOutput() CertificateAuthorityOutput

func (CertificateAuthorityOutput) ToCertificateAuthorityOutputWithContext 

func (o CertificateAuthorityOutput) ToCertificateAuthorityOutputWithContext(ctx context.Context) CertificateAuthorityOutput

func (CertificateAuthorityOutput) Type added in v0.19.0 

func (o CertificateAuthorityOutput) Type() pulumi.StringOutput

Immutable. The Type of this CertificateAuthority.

func (CertificateAuthorityOutput) UpdateTime added in v0.19.0 

func (o CertificateAuthorityOutput) UpdateTime() pulumi.StringOutput

The time at which this CertificateAuthority was last updated.

type CertificateAuthorityState 

type CertificateAuthorityState struct {
}

func (CertificateAuthorityState) ElementType 

func (CertificateAuthorityState) ElementType() reflect.Type

type CertificateAuthorityType 

type CertificateAuthorityType string

Required. Immutable. The Type of this CertificateAuthority.

func (CertificateAuthorityType) ElementType 

func (CertificateAuthorityType) ElementType() reflect.Type

func (CertificateAuthorityType) ToCertificateAuthorityTypeOutput added in v0.6.0 

func (e CertificateAuthorityType) ToCertificateAuthorityTypeOutput() CertificateAuthorityTypeOutput

func (CertificateAuthorityType) ToCertificateAuthorityTypeOutputWithContext added in v0.6.0 

func (e CertificateAuthorityType) ToCertificateAuthorityTypeOutputWithContext(ctx context.Context) CertificateAuthorityTypeOutput

func (CertificateAuthorityType) ToCertificateAuthorityTypePtrOutput added in v0.6.0 

func (e CertificateAuthorityType) ToCertificateAuthorityTypePtrOutput() CertificateAuthorityTypePtrOutput

func (CertificateAuthorityType) ToCertificateAuthorityTypePtrOutputWithContext added in v0.6.0 

func (e CertificateAuthorityType) ToCertificateAuthorityTypePtrOutputWithContext(ctx context.Context) CertificateAuthorityTypePtrOutput

func (CertificateAuthorityType) ToStringOutput 

func (e CertificateAuthorityType) ToStringOutput() pulumi.StringOutput

func (CertificateAuthorityType) ToStringOutputWithContext 

func (e CertificateAuthorityType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CertificateAuthorityType) ToStringPtrOutput 

func (e CertificateAuthorityType) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateAuthorityType) ToStringPtrOutputWithContext 

func (e CertificateAuthorityType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateAuthorityTypeInput added in v0.6.0 

type CertificateAuthorityTypeInput interface {
	pulumi.Input

	ToCertificateAuthorityTypeOutput() CertificateAuthorityTypeOutput
	ToCertificateAuthorityTypeOutputWithContext(context.Context) CertificateAuthorityTypeOutput
}

CertificateAuthorityTypeInput is an input type that accepts CertificateAuthorityTypeArgs and CertificateAuthorityTypeOutput values. You can construct a concrete instance of `CertificateAuthorityTypeInput` via: 

CertificateAuthorityTypeArgs{...}

type CertificateAuthorityTypeOutput added in v0.6.0 

type CertificateAuthorityTypeOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityTypeOutput) ElementType added in v0.6.0 

func (CertificateAuthorityTypeOutput) ElementType() reflect.Type

func (CertificateAuthorityTypeOutput) ToCertificateAuthorityTypeOutput added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToCertificateAuthorityTypeOutput() CertificateAuthorityTypeOutput

func (CertificateAuthorityTypeOutput) ToCertificateAuthorityTypeOutputWithContext added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToCertificateAuthorityTypeOutputWithContext(ctx context.Context) CertificateAuthorityTypeOutput

func (CertificateAuthorityTypeOutput) ToCertificateAuthorityTypePtrOutput added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToCertificateAuthorityTypePtrOutput() CertificateAuthorityTypePtrOutput

func (CertificateAuthorityTypeOutput) ToCertificateAuthorityTypePtrOutputWithContext added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToCertificateAuthorityTypePtrOutputWithContext(ctx context.Context) CertificateAuthorityTypePtrOutput

func (CertificateAuthorityTypeOutput) ToStringOutput added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToStringOutput() pulumi.StringOutput

func (CertificateAuthorityTypeOutput) ToStringOutputWithContext added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CertificateAuthorityTypeOutput) ToStringPtrOutput added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateAuthorityTypeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CertificateAuthorityTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateAuthorityTypePtrInput added in v0.6.0 

type CertificateAuthorityTypePtrInput interface {
	pulumi.Input

	ToCertificateAuthorityTypePtrOutput() CertificateAuthorityTypePtrOutput
	ToCertificateAuthorityTypePtrOutputWithContext(context.Context) CertificateAuthorityTypePtrOutput
}

func CertificateAuthorityTypePtr added in v0.6.0 

func CertificateAuthorityTypePtr(v string) CertificateAuthorityTypePtrInput

type CertificateAuthorityTypePtrOutput added in v0.6.0 

type CertificateAuthorityTypePtrOutput struct{ *pulumi.OutputState }

func (CertificateAuthorityTypePtrOutput) Elem added in v0.6.0 

func (o CertificateAuthorityTypePtrOutput) Elem() CertificateAuthorityTypeOutput

func (CertificateAuthorityTypePtrOutput) ElementType added in v0.6.0 

func (CertificateAuthorityTypePtrOutput) ElementType() reflect.Type

func (CertificateAuthorityTypePtrOutput) ToCertificateAuthorityTypePtrOutput added in v0.6.0 

func (o CertificateAuthorityTypePtrOutput) ToCertificateAuthorityTypePtrOutput() CertificateAuthorityTypePtrOutput

func (CertificateAuthorityTypePtrOutput) ToCertificateAuthorityTypePtrOutputWithContext added in v0.6.0 

func (o CertificateAuthorityTypePtrOutput) ToCertificateAuthorityTypePtrOutputWithContext(ctx context.Context) CertificateAuthorityTypePtrOutput

func (CertificateAuthorityTypePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o CertificateAuthorityTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateAuthorityTypePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CertificateAuthorityTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateConfig 

type CertificateConfig struct {
	// Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
	PublicKey *PublicKey `pulumi:"publicKey"`
	// Specifies some of the values in a certificate that are related to the subject.
	SubjectConfig SubjectConfig `pulumi:"subjectConfig"`
	// Describes how some of the technical X.509 fields in a certificate should be populated.
	X509Config X509Parameters `pulumi:"x509Config"`
}

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

type CertificateConfigArgs 

type CertificateConfigArgs struct {
	// Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
	PublicKey PublicKeyPtrInput `pulumi:"publicKey"`
	// Specifies some of the values in a certificate that are related to the subject.
	SubjectConfig SubjectConfigInput `pulumi:"subjectConfig"`
	// Describes how some of the technical X.509 fields in a certificate should be populated.
	X509Config X509ParametersInput `pulumi:"x509Config"`
}

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

func (CertificateConfigArgs) ElementType 

func (CertificateConfigArgs) ElementType() reflect.Type

func (CertificateConfigArgs) ToCertificateConfigOutput 

func (i CertificateConfigArgs) ToCertificateConfigOutput() CertificateConfigOutput

func (CertificateConfigArgs) ToCertificateConfigOutputWithContext 

func (i CertificateConfigArgs) ToCertificateConfigOutputWithContext(ctx context.Context) CertificateConfigOutput

func (CertificateConfigArgs) ToCertificateConfigPtrOutput 

func (i CertificateConfigArgs) ToCertificateConfigPtrOutput() CertificateConfigPtrOutput

func (CertificateConfigArgs) ToCertificateConfigPtrOutputWithContext 

func (i CertificateConfigArgs) ToCertificateConfigPtrOutputWithContext(ctx context.Context) CertificateConfigPtrOutput

type CertificateConfigInput 

type CertificateConfigInput interface {
	pulumi.Input

	ToCertificateConfigOutput() CertificateConfigOutput
	ToCertificateConfigOutputWithContext(context.Context) CertificateConfigOutput
}

CertificateConfigInput is an input type that accepts CertificateConfigArgs and CertificateConfigOutput values. You can construct a concrete instance of `CertificateConfigInput` via: 

CertificateConfigArgs{...}

type CertificateConfigOutput 

type CertificateConfigOutput struct{ *pulumi.OutputState }

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

func (CertificateConfigOutput) ElementType 

func (CertificateConfigOutput) ElementType() reflect.Type

func (CertificateConfigOutput) PublicKey 

func (o CertificateConfigOutput) PublicKey() PublicKeyPtrOutput

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

func (CertificateConfigOutput) SubjectConfig 

func (o CertificateConfigOutput) SubjectConfig() SubjectConfigOutput

Specifies some of the values in a certificate that are related to the subject.

func (CertificateConfigOutput) ToCertificateConfigOutput 

func (o CertificateConfigOutput) ToCertificateConfigOutput() CertificateConfigOutput

func (CertificateConfigOutput) ToCertificateConfigOutputWithContext 

func (o CertificateConfigOutput) ToCertificateConfigOutputWithContext(ctx context.Context) CertificateConfigOutput

func (CertificateConfigOutput) ToCertificateConfigPtrOutput 

func (o CertificateConfigOutput) ToCertificateConfigPtrOutput() CertificateConfigPtrOutput

func (CertificateConfigOutput) ToCertificateConfigPtrOutputWithContext 

func (o CertificateConfigOutput) ToCertificateConfigPtrOutputWithContext(ctx context.Context) CertificateConfigPtrOutput

func (CertificateConfigOutput) X509Config 

func (o CertificateConfigOutput) X509Config() X509ParametersOutput

Describes how some of the technical X.509 fields in a certificate should be populated.

type CertificateConfigPtrInput 

type CertificateConfigPtrInput interface {
	pulumi.Input

	ToCertificateConfigPtrOutput() CertificateConfigPtrOutput
	ToCertificateConfigPtrOutputWithContext(context.Context) CertificateConfigPtrOutput
}

CertificateConfigPtrInput is an input type that accepts CertificateConfigArgs, CertificateConfigPtr and CertificateConfigPtrOutput values. You can construct a concrete instance of `CertificateConfigPtrInput` via: 

        CertificateConfigArgs{...}

or:

        nil

func CertificateConfigPtr 

func CertificateConfigPtr(v *CertificateConfigArgs) CertificateConfigPtrInput

type CertificateConfigPtrOutput 

type CertificateConfigPtrOutput struct{ *pulumi.OutputState }

func (CertificateConfigPtrOutput) Elem 

func (o CertificateConfigPtrOutput) Elem() CertificateConfigOutput

func (CertificateConfigPtrOutput) ElementType 

func (CertificateConfigPtrOutput) ElementType() reflect.Type

func (CertificateConfigPtrOutput) PublicKey 

func (o CertificateConfigPtrOutput) PublicKey() PublicKeyPtrOutput

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

func (CertificateConfigPtrOutput) SubjectConfig 

func (o CertificateConfigPtrOutput) SubjectConfig() SubjectConfigPtrOutput

Specifies some of the values in a certificate that are related to the subject.

func (CertificateConfigPtrOutput) ToCertificateConfigPtrOutput 

func (o CertificateConfigPtrOutput) ToCertificateConfigPtrOutput() CertificateConfigPtrOutput

func (CertificateConfigPtrOutput) ToCertificateConfigPtrOutputWithContext 

func (o CertificateConfigPtrOutput) ToCertificateConfigPtrOutputWithContext(ctx context.Context) CertificateConfigPtrOutput

func (CertificateConfigPtrOutput) X509Config 

func (o CertificateConfigPtrOutput) X509Config() X509ParametersPtrOutput

Describes how some of the technical X.509 fields in a certificate should be populated.

type CertificateConfigResponse 

type CertificateConfigResponse struct {
	// Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.
	PublicKey PublicKeyResponse `pulumi:"publicKey"`
	// Specifies some of the values in a certificate that are related to the subject.
	SubjectConfig SubjectConfigResponse `pulumi:"subjectConfig"`
	// Describes how some of the technical X.509 fields in a certificate should be populated.
	X509Config X509ParametersResponse `pulumi:"x509Config"`
}

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

type CertificateConfigResponseOutput 

type CertificateConfigResponseOutput struct{ *pulumi.OutputState }

A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.

func (CertificateConfigResponseOutput) ElementType 

func (CertificateConfigResponseOutput) ElementType() reflect.Type

func (CertificateConfigResponseOutput) PublicKey 

func (o CertificateConfigResponseOutput) PublicKey() PublicKeyResponseOutput

Optional. The public key that corresponds to this config. This is, for example, used when issuing Certificates, but not when creating a self-signed CertificateAuthority or CertificateAuthority CSR.

func (CertificateConfigResponseOutput) SubjectConfig 

func (o CertificateConfigResponseOutput) SubjectConfig() SubjectConfigResponseOutput

Specifies some of the values in a certificate that are related to the subject.

func (CertificateConfigResponseOutput) ToCertificateConfigResponseOutput 

func (o CertificateConfigResponseOutput) ToCertificateConfigResponseOutput() CertificateConfigResponseOutput

func (CertificateConfigResponseOutput) ToCertificateConfigResponseOutputWithContext 

func (o CertificateConfigResponseOutput) ToCertificateConfigResponseOutputWithContext(ctx context.Context) CertificateConfigResponseOutput

func (CertificateConfigResponseOutput) X509Config 

func (o CertificateConfigResponseOutput) X509Config() X509ParametersResponseOutput

Describes how some of the technical X.509 fields in a certificate should be populated.

type CertificateDescriptionResponse 

type CertificateDescriptionResponse struct {
	// Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.
	AiaIssuingCertificateUrls []string `pulumi:"aiaIssuingCertificateUrls"`
	// Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1
	AuthorityKeyId KeyIdResponse `pulumi:"authorityKeyId"`
	// The hash of the x.509 certificate.
	CertFingerprint CertificateFingerprintResponse `pulumi:"certFingerprint"`
	// Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13
	CrlDistributionPoints []string `pulumi:"crlDistributionPoints"`
	// The public key that corresponds to an issued certificate.
	PublicKey PublicKeyResponse `pulumi:"publicKey"`
	// Describes some of the values in a certificate that are related to the subject and lifetime.
	SubjectDescription SubjectDescriptionResponse `pulumi:"subjectDescription"`
	// Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.
	SubjectKeyId KeyIdResponse `pulumi:"subjectKeyId"`
	// Describes some of the technical X.509 fields in a certificate.
	X509Description X509ParametersResponse `pulumi:"x509Description"`
}

A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

type CertificateDescriptionResponseArrayOutput 

type CertificateDescriptionResponseArrayOutput struct{ *pulumi.OutputState }

func (CertificateDescriptionResponseArrayOutput) ElementType 

func (CertificateDescriptionResponseArrayOutput) ElementType() reflect.Type

func (CertificateDescriptionResponseArrayOutput) Index 

func (o CertificateDescriptionResponseArrayOutput) Index(i pulumi.IntInput) CertificateDescriptionResponseOutput

func (CertificateDescriptionResponseArrayOutput) ToCertificateDescriptionResponseArrayOutput 

func (o CertificateDescriptionResponseArrayOutput) ToCertificateDescriptionResponseArrayOutput() CertificateDescriptionResponseArrayOutput

func (CertificateDescriptionResponseArrayOutput) ToCertificateDescriptionResponseArrayOutputWithContext 

func (o CertificateDescriptionResponseArrayOutput) ToCertificateDescriptionResponseArrayOutputWithContext(ctx context.Context) CertificateDescriptionResponseArrayOutput

type CertificateDescriptionResponseOutput 

type CertificateDescriptionResponseOutput struct{ *pulumi.OutputState }

A CertificateDescription describes an X.509 certificate or CSR that has been issued, as an alternative to using ASN.1 / X.509.

func (CertificateDescriptionResponseOutput) AiaIssuingCertificateUrls 

func (o CertificateDescriptionResponseOutput) AiaIssuingCertificateUrls() pulumi.StringArrayOutput

Describes lists of issuer CA certificate URLs that appear in the "Authority Information Access" extension in the certificate.

func (CertificateDescriptionResponseOutput) AuthorityKeyId 

func (o CertificateDescriptionResponseOutput) AuthorityKeyId() KeyIdResponseOutput

Identifies the subject_key_id of the parent certificate, per https://tools.ietf.org/html/rfc5280#section-4.2.1.1

func (CertificateDescriptionResponseOutput) CertFingerprint 

func (o CertificateDescriptionResponseOutput) CertFingerprint() CertificateFingerprintResponseOutput

The hash of the x.509 certificate.

func (CertificateDescriptionResponseOutput) CrlDistributionPoints 

func (o CertificateDescriptionResponseOutput) CrlDistributionPoints() pulumi.StringArrayOutput

Describes a list of locations to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13

func (CertificateDescriptionResponseOutput) ElementType 

func (CertificateDescriptionResponseOutput) ElementType() reflect.Type

func (CertificateDescriptionResponseOutput) PublicKey 

func (o CertificateDescriptionResponseOutput) PublicKey() PublicKeyResponseOutput

The public key that corresponds to an issued certificate.

func (CertificateDescriptionResponseOutput) SubjectDescription 

func (o CertificateDescriptionResponseOutput) SubjectDescription() SubjectDescriptionResponseOutput

Describes some of the values in a certificate that are related to the subject and lifetime.

func (CertificateDescriptionResponseOutput) SubjectKeyId 

func (o CertificateDescriptionResponseOutput) SubjectKeyId() KeyIdResponseOutput

Provides a means of identifiying certificates that contain a particular public key, per https://tools.ietf.org/html/rfc5280#section-4.2.1.2.

func (CertificateDescriptionResponseOutput) ToCertificateDescriptionResponseOutput 

func (o CertificateDescriptionResponseOutput) ToCertificateDescriptionResponseOutput() CertificateDescriptionResponseOutput

func (CertificateDescriptionResponseOutput) ToCertificateDescriptionResponseOutputWithContext 

func (o CertificateDescriptionResponseOutput) ToCertificateDescriptionResponseOutputWithContext(ctx context.Context) CertificateDescriptionResponseOutput

func (CertificateDescriptionResponseOutput) X509Description 

func (o CertificateDescriptionResponseOutput) X509Description() X509ParametersResponseOutput

Describes some of the technical X.509 fields in a certificate.

type CertificateExtensionConstraints 

type CertificateExtensionConstraints struct {
	// Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
	AdditionalExtensions []ObjectId `pulumi:"additionalExtensions"`
	// Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
	KnownExtensions []CertificateExtensionConstraintsKnownExtensionsItem `pulumi:"knownExtensions"`
}

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

type CertificateExtensionConstraintsArgs 

type CertificateExtensionConstraintsArgs struct {
	// Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
	AdditionalExtensions ObjectIdArrayInput `pulumi:"additionalExtensions"`
	// Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
	KnownExtensions CertificateExtensionConstraintsKnownExtensionsItemArrayInput `pulumi:"knownExtensions"`
}

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

func (CertificateExtensionConstraintsArgs) ElementType 

func (CertificateExtensionConstraintsArgs) ElementType() reflect.Type

func (CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsOutput 

func (i CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsOutput() CertificateExtensionConstraintsOutput

func (CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsOutputWithContext 

func (i CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsOutputWithContext(ctx context.Context) CertificateExtensionConstraintsOutput

func (CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsPtrOutput 

func (i CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsPtrOutput() CertificateExtensionConstraintsPtrOutput

func (CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsPtrOutputWithContext 

func (i CertificateExtensionConstraintsArgs) ToCertificateExtensionConstraintsPtrOutputWithContext(ctx context.Context) CertificateExtensionConstraintsPtrOutput

type CertificateExtensionConstraintsInput 

type CertificateExtensionConstraintsInput interface {
	pulumi.Input

	ToCertificateExtensionConstraintsOutput() CertificateExtensionConstraintsOutput
	ToCertificateExtensionConstraintsOutputWithContext(context.Context) CertificateExtensionConstraintsOutput
}

CertificateExtensionConstraintsInput is an input type that accepts CertificateExtensionConstraintsArgs and CertificateExtensionConstraintsOutput values. You can construct a concrete instance of `CertificateExtensionConstraintsInput` via: 

CertificateExtensionConstraintsArgs{...}

type CertificateExtensionConstraintsKnownExtensionsItem 

type CertificateExtensionConstraintsKnownExtensionsItem string

func (CertificateExtensionConstraintsKnownExtensionsItem) ElementType 

func (CertificateExtensionConstraintsKnownExtensionsItem) ElementType() reflect.Type

func (CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemOutput added in v0.6.0 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemOutput() CertificateExtensionConstraintsKnownExtensionsItemOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemOutputWithContext added in v0.6.0 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput added in v0.6.0 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput() CertificateExtensionConstraintsKnownExtensionsItemPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext added in v0.6.0 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToStringOutput 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToStringOutput() pulumi.StringOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToStringOutputWithContext 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToStringPtrOutput 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItem) ToStringPtrOutputWithContext 

func (e CertificateExtensionConstraintsKnownExtensionsItem) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateExtensionConstraintsKnownExtensionsItemArray 

type CertificateExtensionConstraintsKnownExtensionsItemArray []CertificateExtensionConstraintsKnownExtensionsItem

func (CertificateExtensionConstraintsKnownExtensionsItemArray) ElementType 

func (CertificateExtensionConstraintsKnownExtensionsItemArray) ElementType() reflect.Type

func (CertificateExtensionConstraintsKnownExtensionsItemArray) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutput 

func (i CertificateExtensionConstraintsKnownExtensionsItemArray) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutput() CertificateExtensionConstraintsKnownExtensionsItemArrayOutput

func (CertificateExtensionConstraintsKnownExtensionsItemArray) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutputWithContext 

func (i CertificateExtensionConstraintsKnownExtensionsItemArray) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemArrayOutput

type CertificateExtensionConstraintsKnownExtensionsItemArrayInput 

type CertificateExtensionConstraintsKnownExtensionsItemArrayInput interface {
	pulumi.Input

	ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutput() CertificateExtensionConstraintsKnownExtensionsItemArrayOutput
	ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutputWithContext(context.Context) CertificateExtensionConstraintsKnownExtensionsItemArrayOutput
}

CertificateExtensionConstraintsKnownExtensionsItemArrayInput is an input type that accepts CertificateExtensionConstraintsKnownExtensionsItemArray and CertificateExtensionConstraintsKnownExtensionsItemArrayOutput values. You can construct a concrete instance of `CertificateExtensionConstraintsKnownExtensionsItemArrayInput` via: 

CertificateExtensionConstraintsKnownExtensionsItemArray{ CertificateExtensionConstraintsKnownExtensionsItemArgs{...} }

type CertificateExtensionConstraintsKnownExtensionsItemArrayOutput 

type CertificateExtensionConstraintsKnownExtensionsItemArrayOutput struct{ *pulumi.OutputState }

func (CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) ElementType 

func (CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) ElementType() reflect.Type

func (CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) Index 

func (o CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) Index(i pulumi.IntInput) CertificateExtensionConstraintsKnownExtensionsItemOutput

func (CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutput 

func (o CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutput() CertificateExtensionConstraintsKnownExtensionsItemArrayOutput

func (CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutputWithContext 

func (o CertificateExtensionConstraintsKnownExtensionsItemArrayOutput) ToCertificateExtensionConstraintsKnownExtensionsItemArrayOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemArrayOutput

type CertificateExtensionConstraintsKnownExtensionsItemInput added in v0.6.0 

type CertificateExtensionConstraintsKnownExtensionsItemInput interface {
	pulumi.Input

	ToCertificateExtensionConstraintsKnownExtensionsItemOutput() CertificateExtensionConstraintsKnownExtensionsItemOutput
	ToCertificateExtensionConstraintsKnownExtensionsItemOutputWithContext(context.Context) CertificateExtensionConstraintsKnownExtensionsItemOutput
}

CertificateExtensionConstraintsKnownExtensionsItemInput is an input type that accepts CertificateExtensionConstraintsKnownExtensionsItemArgs and CertificateExtensionConstraintsKnownExtensionsItemOutput values. You can construct a concrete instance of `CertificateExtensionConstraintsKnownExtensionsItemInput` via: 

CertificateExtensionConstraintsKnownExtensionsItemArgs{...}

type CertificateExtensionConstraintsKnownExtensionsItemOutput added in v0.6.0 

type CertificateExtensionConstraintsKnownExtensionsItemOutput struct{ *pulumi.OutputState }

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ElementType added in v0.6.0 

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ElementType() reflect.Type

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemOutput added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemOutput() CertificateExtensionConstraintsKnownExtensionsItemOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemOutputWithContext added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput() CertificateExtensionConstraintsKnownExtensionsItemPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringOutput added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringOutput() pulumi.StringOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringOutputWithContext added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringPtrOutput added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateExtensionConstraintsKnownExtensionsItemPtrInput added in v0.6.0 

type CertificateExtensionConstraintsKnownExtensionsItemPtrInput interface {
	pulumi.Input

	ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput() CertificateExtensionConstraintsKnownExtensionsItemPtrOutput
	ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext(context.Context) CertificateExtensionConstraintsKnownExtensionsItemPtrOutput
}

func CertificateExtensionConstraintsKnownExtensionsItemPtr added in v0.6.0 

func CertificateExtensionConstraintsKnownExtensionsItemPtr(v string) CertificateExtensionConstraintsKnownExtensionsItemPtrInput

type CertificateExtensionConstraintsKnownExtensionsItemPtrOutput added in v0.6.0 

type CertificateExtensionConstraintsKnownExtensionsItemPtrOutput struct{ *pulumi.OutputState }

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) Elem added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) Elem() CertificateExtensionConstraintsKnownExtensionsItemOutput

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ElementType added in v0.6.0 

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ElementType() reflect.Type

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutput() CertificateExtensionConstraintsKnownExtensionsItemPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToCertificateExtensionConstraintsKnownExtensionsItemPtrOutputWithContext(ctx context.Context) CertificateExtensionConstraintsKnownExtensionsItemPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CertificateExtensionConstraintsKnownExtensionsItemPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateExtensionConstraintsOutput 

type CertificateExtensionConstraintsOutput struct{ *pulumi.OutputState }

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

func (CertificateExtensionConstraintsOutput) AdditionalExtensions 

func (o CertificateExtensionConstraintsOutput) AdditionalExtensions() ObjectIdArrayOutput

Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.

func (CertificateExtensionConstraintsOutput) ElementType 

func (CertificateExtensionConstraintsOutput) ElementType() reflect.Type

func (CertificateExtensionConstraintsOutput) KnownExtensions 

func (o CertificateExtensionConstraintsOutput) KnownExtensions() CertificateExtensionConstraintsKnownExtensionsItemArrayOutput

Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.

func (CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsOutput 

func (o CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsOutput() CertificateExtensionConstraintsOutput

func (CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsOutputWithContext 

func (o CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsOutputWithContext(ctx context.Context) CertificateExtensionConstraintsOutput

func (CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsPtrOutput 

func (o CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsPtrOutput() CertificateExtensionConstraintsPtrOutput

func (CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsPtrOutputWithContext 

func (o CertificateExtensionConstraintsOutput) ToCertificateExtensionConstraintsPtrOutputWithContext(ctx context.Context) CertificateExtensionConstraintsPtrOutput

type CertificateExtensionConstraintsPtrInput 

type CertificateExtensionConstraintsPtrInput interface {
	pulumi.Input

	ToCertificateExtensionConstraintsPtrOutput() CertificateExtensionConstraintsPtrOutput
	ToCertificateExtensionConstraintsPtrOutputWithContext(context.Context) CertificateExtensionConstraintsPtrOutput
}

CertificateExtensionConstraintsPtrInput is an input type that accepts CertificateExtensionConstraintsArgs, CertificateExtensionConstraintsPtr and CertificateExtensionConstraintsPtrOutput values. You can construct a concrete instance of `CertificateExtensionConstraintsPtrInput` via: 

        CertificateExtensionConstraintsArgs{...}

or:

        nil

func CertificateExtensionConstraintsPtr 

func CertificateExtensionConstraintsPtr(v *CertificateExtensionConstraintsArgs) CertificateExtensionConstraintsPtrInput

type CertificateExtensionConstraintsPtrOutput 

type CertificateExtensionConstraintsPtrOutput struct{ *pulumi.OutputState }

func (CertificateExtensionConstraintsPtrOutput) AdditionalExtensions 

func (o CertificateExtensionConstraintsPtrOutput) AdditionalExtensions() ObjectIdArrayOutput

Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.

func (CertificateExtensionConstraintsPtrOutput) Elem 

func (o CertificateExtensionConstraintsPtrOutput) Elem() CertificateExtensionConstraintsOutput

func (CertificateExtensionConstraintsPtrOutput) ElementType 

func (CertificateExtensionConstraintsPtrOutput) ElementType() reflect.Type

func (CertificateExtensionConstraintsPtrOutput) KnownExtensions 

func (o CertificateExtensionConstraintsPtrOutput) KnownExtensions() CertificateExtensionConstraintsKnownExtensionsItemArrayOutput

Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.

func (CertificateExtensionConstraintsPtrOutput) ToCertificateExtensionConstraintsPtrOutput 

func (o CertificateExtensionConstraintsPtrOutput) ToCertificateExtensionConstraintsPtrOutput() CertificateExtensionConstraintsPtrOutput

func (CertificateExtensionConstraintsPtrOutput) ToCertificateExtensionConstraintsPtrOutputWithContext 

func (o CertificateExtensionConstraintsPtrOutput) ToCertificateExtensionConstraintsPtrOutputWithContext(ctx context.Context) CertificateExtensionConstraintsPtrOutput

type CertificateExtensionConstraintsResponse 

type CertificateExtensionConstraintsResponse struct {
	// Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.
	AdditionalExtensions []ObjectIdResponse `pulumi:"additionalExtensions"`
	// Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
	KnownExtensions []string `pulumi:"knownExtensions"`
}

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

type CertificateExtensionConstraintsResponseOutput 

type CertificateExtensionConstraintsResponseOutput struct{ *pulumi.OutputState }

Describes a set of X.509 extensions that may be part of some certificate issuance controls.

func (CertificateExtensionConstraintsResponseOutput) AdditionalExtensions 

func (o CertificateExtensionConstraintsResponseOutput) AdditionalExtensions() ObjectIdResponseArrayOutput

Optional. A set of ObjectIds identifying custom X.509 extensions. Will be combined with known_extensions to determine the full set of X.509 extensions.

func (CertificateExtensionConstraintsResponseOutput) ElementType 

func (CertificateExtensionConstraintsResponseOutput) ElementType() reflect.Type

func (CertificateExtensionConstraintsResponseOutput) KnownExtensions 

func (o CertificateExtensionConstraintsResponseOutput) KnownExtensions() pulumi.StringArrayOutput

Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.

func (CertificateExtensionConstraintsResponseOutput) ToCertificateExtensionConstraintsResponseOutput 

func (o CertificateExtensionConstraintsResponseOutput) ToCertificateExtensionConstraintsResponseOutput() CertificateExtensionConstraintsResponseOutput

func (CertificateExtensionConstraintsResponseOutput) ToCertificateExtensionConstraintsResponseOutputWithContext 

func (o CertificateExtensionConstraintsResponseOutput) ToCertificateExtensionConstraintsResponseOutputWithContext(ctx context.Context) CertificateExtensionConstraintsResponseOutput

type CertificateFingerprintResponse 

type CertificateFingerprintResponse struct {
	// The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.
	Sha256Hash string `pulumi:"sha256Hash"`
}

A group of fingerprints for the x509 certificate.

type CertificateFingerprintResponseOutput 

type CertificateFingerprintResponseOutput struct{ *pulumi.OutputState }

A group of fingerprints for the x509 certificate.

func (CertificateFingerprintResponseOutput) ElementType 

func (CertificateFingerprintResponseOutput) ElementType() reflect.Type

func (CertificateFingerprintResponseOutput) Sha256Hash 

func (o CertificateFingerprintResponseOutput) Sha256Hash() pulumi.StringOutput

The SHA 256 hash, encoded in hexadecimal, of the DER x509 certificate.

func (CertificateFingerprintResponseOutput) ToCertificateFingerprintResponseOutput 

func (o CertificateFingerprintResponseOutput) ToCertificateFingerprintResponseOutput() CertificateFingerprintResponseOutput

func (CertificateFingerprintResponseOutput) ToCertificateFingerprintResponseOutputWithContext 

func (o CertificateFingerprintResponseOutput) ToCertificateFingerprintResponseOutputWithContext(ctx context.Context) CertificateFingerprintResponseOutput

type CertificateIdentityConstraints 

type CertificateIdentityConstraints struct {
	// If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
	AllowSubjectAltNamesPassthrough bool `pulumi:"allowSubjectAltNamesPassthrough"`
	// If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
	AllowSubjectPassthrough bool `pulumi:"allowSubjectPassthrough"`
	// Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/using-cel
	CelExpression *Expr `pulumi:"celExpression"`
}

Describes constraints on a Certificate's Subject and SubjectAltNames.

type CertificateIdentityConstraintsArgs 

type CertificateIdentityConstraintsArgs struct {
	// If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
	AllowSubjectAltNamesPassthrough pulumi.BoolInput `pulumi:"allowSubjectAltNamesPassthrough"`
	// If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
	AllowSubjectPassthrough pulumi.BoolInput `pulumi:"allowSubjectPassthrough"`
	// Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/using-cel
	CelExpression ExprPtrInput `pulumi:"celExpression"`
}

Describes constraints on a Certificate's Subject and SubjectAltNames.

func (CertificateIdentityConstraintsArgs) ElementType 

func (CertificateIdentityConstraintsArgs) ElementType() reflect.Type

func (CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsOutput 

func (i CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsOutput() CertificateIdentityConstraintsOutput

func (CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsOutputWithContext 

func (i CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsOutputWithContext(ctx context.Context) CertificateIdentityConstraintsOutput

func (CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsPtrOutput 

func (i CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsPtrOutput() CertificateIdentityConstraintsPtrOutput

func (CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsPtrOutputWithContext 

func (i CertificateIdentityConstraintsArgs) ToCertificateIdentityConstraintsPtrOutputWithContext(ctx context.Context) CertificateIdentityConstraintsPtrOutput

type CertificateIdentityConstraintsInput 

type CertificateIdentityConstraintsInput interface {
	pulumi.Input

	ToCertificateIdentityConstraintsOutput() CertificateIdentityConstraintsOutput
	ToCertificateIdentityConstraintsOutputWithContext(context.Context) CertificateIdentityConstraintsOutput
}

CertificateIdentityConstraintsInput is an input type that accepts CertificateIdentityConstraintsArgs and CertificateIdentityConstraintsOutput values. You can construct a concrete instance of `CertificateIdentityConstraintsInput` via: 

CertificateIdentityConstraintsArgs{...}

type CertificateIdentityConstraintsOutput 

type CertificateIdentityConstraintsOutput struct{ *pulumi.OutputState }

Describes constraints on a Certificate's Subject and SubjectAltNames.

func (CertificateIdentityConstraintsOutput) AllowSubjectAltNamesPassthrough 

func (o CertificateIdentityConstraintsOutput) AllowSubjectAltNamesPassthrough() pulumi.BoolOutput

If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.

func (CertificateIdentityConstraintsOutput) AllowSubjectPassthrough 

func (o CertificateIdentityConstraintsOutput) AllowSubjectPassthrough() pulumi.BoolOutput

If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.

func (CertificateIdentityConstraintsOutput) CelExpression 

func (o CertificateIdentityConstraintsOutput) CelExpression() ExprPtrOutput

Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/using-cel

func (CertificateIdentityConstraintsOutput) ElementType 

func (CertificateIdentityConstraintsOutput) ElementType() reflect.Type

func (CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsOutput 

func (o CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsOutput() CertificateIdentityConstraintsOutput

func (CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsOutputWithContext 

func (o CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsOutputWithContext(ctx context.Context) CertificateIdentityConstraintsOutput

func (CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsPtrOutput 

func (o CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsPtrOutput() CertificateIdentityConstraintsPtrOutput

func (CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsPtrOutputWithContext 

func (o CertificateIdentityConstraintsOutput) ToCertificateIdentityConstraintsPtrOutputWithContext(ctx context.Context) CertificateIdentityConstraintsPtrOutput

type CertificateIdentityConstraintsPtrInput 

type CertificateIdentityConstraintsPtrInput interface {
	pulumi.Input

	ToCertificateIdentityConstraintsPtrOutput() CertificateIdentityConstraintsPtrOutput
	ToCertificateIdentityConstraintsPtrOutputWithContext(context.Context) CertificateIdentityConstraintsPtrOutput
}

CertificateIdentityConstraintsPtrInput is an input type that accepts CertificateIdentityConstraintsArgs, CertificateIdentityConstraintsPtr and CertificateIdentityConstraintsPtrOutput values. You can construct a concrete instance of `CertificateIdentityConstraintsPtrInput` via: 

        CertificateIdentityConstraintsArgs{...}

or:

        nil

func CertificateIdentityConstraintsPtr 

func CertificateIdentityConstraintsPtr(v *CertificateIdentityConstraintsArgs) CertificateIdentityConstraintsPtrInput

type CertificateIdentityConstraintsPtrOutput 

type CertificateIdentityConstraintsPtrOutput struct{ *pulumi.OutputState }

func (CertificateIdentityConstraintsPtrOutput) AllowSubjectAltNamesPassthrough 

func (o CertificateIdentityConstraintsPtrOutput) AllowSubjectAltNamesPassthrough() pulumi.BoolPtrOutput

If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.

func (CertificateIdentityConstraintsPtrOutput) AllowSubjectPassthrough 

func (o CertificateIdentityConstraintsPtrOutput) AllowSubjectPassthrough() pulumi.BoolPtrOutput

If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.

func (CertificateIdentityConstraintsPtrOutput) CelExpression 

func (o CertificateIdentityConstraintsPtrOutput) CelExpression() ExprPtrOutput

Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/using-cel

func (CertificateIdentityConstraintsPtrOutput) Elem 

func (o CertificateIdentityConstraintsPtrOutput) Elem() CertificateIdentityConstraintsOutput

func (CertificateIdentityConstraintsPtrOutput) ElementType 

func (CertificateIdentityConstraintsPtrOutput) ElementType() reflect.Type

func (CertificateIdentityConstraintsPtrOutput) ToCertificateIdentityConstraintsPtrOutput 

func (o CertificateIdentityConstraintsPtrOutput) ToCertificateIdentityConstraintsPtrOutput() CertificateIdentityConstraintsPtrOutput

func (CertificateIdentityConstraintsPtrOutput) ToCertificateIdentityConstraintsPtrOutputWithContext 

func (o CertificateIdentityConstraintsPtrOutput) ToCertificateIdentityConstraintsPtrOutputWithContext(ctx context.Context) CertificateIdentityConstraintsPtrOutput

type CertificateIdentityConstraintsResponse 

type CertificateIdentityConstraintsResponse struct {
	// If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
	AllowSubjectAltNamesPassthrough bool `pulumi:"allowSubjectAltNamesPassthrough"`
	// If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
	AllowSubjectPassthrough bool `pulumi:"allowSubjectPassthrough"`
	// Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/using-cel
	CelExpression ExprResponse `pulumi:"celExpression"`
}

Describes constraints on a Certificate's Subject and SubjectAltNames.

type CertificateIdentityConstraintsResponseOutput 

type CertificateIdentityConstraintsResponseOutput struct{ *pulumi.OutputState }

Describes constraints on a Certificate's Subject and SubjectAltNames.

func (CertificateIdentityConstraintsResponseOutput) AllowSubjectAltNamesPassthrough 

func (o CertificateIdentityConstraintsResponseOutput) AllowSubjectAltNamesPassthrough() pulumi.BoolOutput

If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.

func (CertificateIdentityConstraintsResponseOutput) AllowSubjectPassthrough 

func (o CertificateIdentityConstraintsResponseOutput) AllowSubjectPassthrough() pulumi.BoolOutput

If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.

func (CertificateIdentityConstraintsResponseOutput) CelExpression 

func (o CertificateIdentityConstraintsResponseOutput) CelExpression() ExprResponseOutput

Optional. A CEL expression that may be used to validate the resolved X.509 Subject and/or Subject Alternative Name before a certificate is signed. To see the full allowed syntax and some examples, see https://cloud.google.com/certificate-authority-service/docs/using-cel

func (CertificateIdentityConstraintsResponseOutput) ElementType 

func (CertificateIdentityConstraintsResponseOutput) ElementType() reflect.Type

func (CertificateIdentityConstraintsResponseOutput) ToCertificateIdentityConstraintsResponseOutput 

func (o CertificateIdentityConstraintsResponseOutput) ToCertificateIdentityConstraintsResponseOutput() CertificateIdentityConstraintsResponseOutput

func (CertificateIdentityConstraintsResponseOutput) ToCertificateIdentityConstraintsResponseOutputWithContext 

func (o CertificateIdentityConstraintsResponseOutput) ToCertificateIdentityConstraintsResponseOutputWithContext(ctx context.Context) CertificateIdentityConstraintsResponseOutput

type CertificateInput 

type CertificateInput interface {
	pulumi.Input

	ToCertificateOutput() CertificateOutput
	ToCertificateOutputWithContext(ctx context.Context) CertificateOutput
}

type CertificateOutput 

type CertificateOutput struct{ *pulumi.OutputState }

func (CertificateOutput) CaPoolId added in v0.21.0 

func (o CertificateOutput) CaPoolId() pulumi.StringOutput

func (CertificateOutput) CertificateDescription added in v0.19.0 

func (o CertificateOutput) CertificateDescription() CertificateDescriptionResponseOutput

A structured description of the issued X.509 certificate.

func (CertificateOutput) CertificateId added in v0.21.0 

func (o CertificateOutput) CertificateId() pulumi.StringPtrOutput

Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. This field is required when using a CertificateAuthority in the Enterprise CertificateAuthority.Tier, but is optional and its value is ignored otherwise.

func (CertificateOutput) CertificateTemplate added in v0.19.0 

func (o CertificateOutput) CertificateTemplate() pulumi.StringOutput

Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.

func (CertificateOutput) Config added in v0.19.0 

func (o CertificateOutput) Config() CertificateConfigResponseOutput

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

func (CertificateOutput) CreateTime added in v0.19.0 

func (o CertificateOutput) CreateTime() pulumi.StringOutput

The time at which this Certificate was created.

func (CertificateOutput) ElementType 

func (CertificateOutput) ElementType() reflect.Type

func (CertificateOutput) IssuerCertificateAuthority added in v0.19.0 

func (o CertificateOutput) IssuerCertificateAuthority() pulumi.StringOutput

The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (CertificateOutput) IssuingCertificateAuthorityId added in v0.21.0 

func (o CertificateOutput) IssuingCertificateAuthorityId() pulumi.StringPtrOutput

Optional. The resource ID of the CertificateAuthority that should issue the certificate. This optional field will ignore the load-balancing scheme of the Pool and directly issue the certificate from the CA with the specified ID, contained in the same CaPool referenced by `parent`. Per-CA quota rules apply. If left empty, a CertificateAuthority will be chosen from the CaPool by the service. For example, to issue a Certificate from a Certificate Authority with resource name "projects/my-project/locations/us-central1/caPools/my-pool/certificateAuthorities/my-ca", you can set the parent to "projects/my-project/locations/us-central1/caPools/my-pool" and the issuing_certificate_authority_id to "my-ca".

func (CertificateOutput) Labels added in v0.19.0 

func (o CertificateOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (CertificateOutput) Lifetime added in v0.19.0 

func (o CertificateOutput) Lifetime() pulumi.StringOutput

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

func (CertificateOutput) Location added in v0.21.0 

func (o CertificateOutput) Location() pulumi.StringOutput

func (CertificateOutput) Name added in v0.19.0 

func (o CertificateOutput) Name() pulumi.StringOutput

The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.

func (CertificateOutput) PemCertificate added in v0.19.0 

func (o CertificateOutput) PemCertificate() pulumi.StringOutput

The pem-encoded, signed X.509 certificate.

func (CertificateOutput) PemCertificateChain added in v0.19.0 

func (o CertificateOutput) PemCertificateChain() pulumi.StringArrayOutput

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

func (CertificateOutput) PemCsr added in v0.19.0 

func (o CertificateOutput) PemCsr() pulumi.StringOutput

Immutable. A pem-encoded X.509 certificate signing request (CSR).

func (CertificateOutput) Project added in v0.21.0 

func (o CertificateOutput) Project() pulumi.StringOutput

func (CertificateOutput) RequestId added in v0.21.0 

func (o CertificateOutput) RequestId() pulumi.StringPtrOutput

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

func (CertificateOutput) RevocationDetails added in v0.19.0 

func (o CertificateOutput) RevocationDetails() RevocationDetailsResponseOutput

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

func (CertificateOutput) SubjectMode added in v0.19.0 

func (o CertificateOutput) SubjectMode() pulumi.StringOutput

Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.

func (CertificateOutput) ToCertificateOutput 

func (o CertificateOutput) ToCertificateOutput() CertificateOutput

func (CertificateOutput) ToCertificateOutputWithContext 

func (o CertificateOutput) ToCertificateOutputWithContext(ctx context.Context) CertificateOutput

func (CertificateOutput) UpdateTime added in v0.19.0 

func (o CertificateOutput) UpdateTime() pulumi.StringOutput

The time at which this Certificate was updated.

type CertificateState 

type CertificateState struct {
}

func (CertificateState) ElementType 

func (CertificateState) ElementType() reflect.Type

type CertificateSubjectMode 

type CertificateSubjectMode string

Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.

func (CertificateSubjectMode) ElementType 

func (CertificateSubjectMode) ElementType() reflect.Type

func (CertificateSubjectMode) ToCertificateSubjectModeOutput added in v0.6.0 

func (e CertificateSubjectMode) ToCertificateSubjectModeOutput() CertificateSubjectModeOutput

func (CertificateSubjectMode) ToCertificateSubjectModeOutputWithContext added in v0.6.0 

func (e CertificateSubjectMode) ToCertificateSubjectModeOutputWithContext(ctx context.Context) CertificateSubjectModeOutput

func (CertificateSubjectMode) ToCertificateSubjectModePtrOutput added in v0.6.0 

func (e CertificateSubjectMode) ToCertificateSubjectModePtrOutput() CertificateSubjectModePtrOutput

func (CertificateSubjectMode) ToCertificateSubjectModePtrOutputWithContext added in v0.6.0 

func (e CertificateSubjectMode) ToCertificateSubjectModePtrOutputWithContext(ctx context.Context) CertificateSubjectModePtrOutput

func (CertificateSubjectMode) ToStringOutput 

func (e CertificateSubjectMode) ToStringOutput() pulumi.StringOutput

func (CertificateSubjectMode) ToStringOutputWithContext 

func (e CertificateSubjectMode) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CertificateSubjectMode) ToStringPtrOutput 

func (e CertificateSubjectMode) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateSubjectMode) ToStringPtrOutputWithContext 

func (e CertificateSubjectMode) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateSubjectModeInput added in v0.6.0 

type CertificateSubjectModeInput interface {
	pulumi.Input

	ToCertificateSubjectModeOutput() CertificateSubjectModeOutput
	ToCertificateSubjectModeOutputWithContext(context.Context) CertificateSubjectModeOutput
}

CertificateSubjectModeInput is an input type that accepts CertificateSubjectModeArgs and CertificateSubjectModeOutput values. You can construct a concrete instance of `CertificateSubjectModeInput` via: 

CertificateSubjectModeArgs{...}

type CertificateSubjectModeOutput added in v0.6.0 

type CertificateSubjectModeOutput struct{ *pulumi.OutputState }

func (CertificateSubjectModeOutput) ElementType added in v0.6.0 

func (CertificateSubjectModeOutput) ElementType() reflect.Type

func (CertificateSubjectModeOutput) ToCertificateSubjectModeOutput added in v0.6.0 

func (o CertificateSubjectModeOutput) ToCertificateSubjectModeOutput() CertificateSubjectModeOutput

func (CertificateSubjectModeOutput) ToCertificateSubjectModeOutputWithContext added in v0.6.0 

func (o CertificateSubjectModeOutput) ToCertificateSubjectModeOutputWithContext(ctx context.Context) CertificateSubjectModeOutput

func (CertificateSubjectModeOutput) ToCertificateSubjectModePtrOutput added in v0.6.0 

func (o CertificateSubjectModeOutput) ToCertificateSubjectModePtrOutput() CertificateSubjectModePtrOutput

func (CertificateSubjectModeOutput) ToCertificateSubjectModePtrOutputWithContext added in v0.6.0 

func (o CertificateSubjectModeOutput) ToCertificateSubjectModePtrOutputWithContext(ctx context.Context) CertificateSubjectModePtrOutput

func (CertificateSubjectModeOutput) ToStringOutput added in v0.6.0 

func (o CertificateSubjectModeOutput) ToStringOutput() pulumi.StringOutput

func (CertificateSubjectModeOutput) ToStringOutputWithContext added in v0.6.0 

func (o CertificateSubjectModeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (CertificateSubjectModeOutput) ToStringPtrOutput added in v0.6.0 

func (o CertificateSubjectModeOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateSubjectModeOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CertificateSubjectModeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateSubjectModePtrInput added in v0.6.0 

type CertificateSubjectModePtrInput interface {
	pulumi.Input

	ToCertificateSubjectModePtrOutput() CertificateSubjectModePtrOutput
	ToCertificateSubjectModePtrOutputWithContext(context.Context) CertificateSubjectModePtrOutput
}

func CertificateSubjectModePtr added in v0.6.0 

func CertificateSubjectModePtr(v string) CertificateSubjectModePtrInput

type CertificateSubjectModePtrOutput added in v0.6.0 

type CertificateSubjectModePtrOutput struct{ *pulumi.OutputState }

func (CertificateSubjectModePtrOutput) Elem added in v0.6.0 

func (o CertificateSubjectModePtrOutput) Elem() CertificateSubjectModeOutput

func (CertificateSubjectModePtrOutput) ElementType added in v0.6.0 

func (CertificateSubjectModePtrOutput) ElementType() reflect.Type

func (CertificateSubjectModePtrOutput) ToCertificateSubjectModePtrOutput added in v0.6.0 

func (o CertificateSubjectModePtrOutput) ToCertificateSubjectModePtrOutput() CertificateSubjectModePtrOutput

func (CertificateSubjectModePtrOutput) ToCertificateSubjectModePtrOutputWithContext added in v0.6.0 

func (o CertificateSubjectModePtrOutput) ToCertificateSubjectModePtrOutputWithContext(ctx context.Context) CertificateSubjectModePtrOutput

func (CertificateSubjectModePtrOutput) ToStringPtrOutput added in v0.6.0 

func (o CertificateSubjectModePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (CertificateSubjectModePtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o CertificateSubjectModePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type CertificateTemplate 

type CertificateTemplate struct {
	pulumi.CustomResourceState

	// Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
	CertificateTemplateId pulumi.StringOutput `pulumi:"certificateTemplateId"`
	// The time at which this CertificateTemplate was created.
	CreateTime pulumi.StringOutput `pulumi:"createTime"`
	// Optional. A human-readable description of scenarios this template is intended for.
	Description pulumi.StringOutput `pulumi:"description"`
	// Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
	IdentityConstraints CertificateIdentityConstraintsResponseOutput `pulumi:"identityConstraints"`
	// Optional. Labels with user-defined metadata.
	Labels   pulumi.StringMapOutput `pulumi:"labels"`
	Location pulumi.StringOutput    `pulumi:"location"`
	// Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
	MaximumLifetime pulumi.StringOutput `pulumi:"maximumLifetime"`
	// The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
	Name pulumi.StringOutput `pulumi:"name"`
	// Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
	PassthroughExtensions CertificateExtensionConstraintsResponseOutput `pulumi:"passthroughExtensions"`
	// Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
	PredefinedValues X509ParametersResponseOutput `pulumi:"predefinedValues"`
	Project          pulumi.StringOutput          `pulumi:"project"`
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrOutput `pulumi:"requestId"`
	// The time at which this CertificateTemplate was updated.
	UpdateTime pulumi.StringOutput `pulumi:"updateTime"`
}

Create a new CertificateTemplate in a given Project and Location. Auto-naming is currently not supported for this resource.

func GetCertificateTemplate 

func GetCertificateTemplate(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateTemplateState, opts ...pulumi.ResourceOption) (*CertificateTemplate, error)

GetCertificateTemplate gets an existing CertificateTemplate resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateTemplate 

func NewCertificateTemplate(ctx *pulumi.Context,
	name string, args *CertificateTemplateArgs, opts ...pulumi.ResourceOption) (*CertificateTemplate, error)

NewCertificateTemplate registers a new resource with the given unique name, arguments, and options.

func (*CertificateTemplate) ElementType 

func (*CertificateTemplate) ElementType() reflect.Type

func (*CertificateTemplate) ToCertificateTemplateOutput 

func (i *CertificateTemplate) ToCertificateTemplateOutput() CertificateTemplateOutput

func (*CertificateTemplate) ToCertificateTemplateOutputWithContext 

func (i *CertificateTemplate) ToCertificateTemplateOutputWithContext(ctx context.Context) CertificateTemplateOutput

type CertificateTemplateArgs 

type CertificateTemplateArgs struct {
	// Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
	CertificateTemplateId pulumi.StringInput
	// Optional. A human-readable description of scenarios this template is intended for.
	Description pulumi.StringPtrInput
	// Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
	IdentityConstraints CertificateIdentityConstraintsPtrInput
	// Optional. Labels with user-defined metadata.
	Labels   pulumi.StringMapInput
	Location pulumi.StringPtrInput
	// Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
	MaximumLifetime pulumi.StringPtrInput
	// Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
	PassthroughExtensions CertificateExtensionConstraintsPtrInput
	// Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
	PredefinedValues X509ParametersPtrInput
	Project          pulumi.StringPtrInput
	// Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).
	RequestId pulumi.StringPtrInput
}

The set of arguments for constructing a CertificateTemplate resource.

func (CertificateTemplateArgs) ElementType 

func (CertificateTemplateArgs) ElementType() reflect.Type

type CertificateTemplateIamBinding added in v0.26.0 

type CertificateTemplateIamBinding struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Members pulumi.StringArrayOutput `pulumi:"members"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetCertificateTemplateIamBinding added in v0.26.0 

func GetCertificateTemplateIamBinding(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateTemplateIamBindingState, opts ...pulumi.ResourceOption) (*CertificateTemplateIamBinding, error)

GetCertificateTemplateIamBinding gets an existing CertificateTemplateIamBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateTemplateIamBinding added in v0.26.0 

func NewCertificateTemplateIamBinding(ctx *pulumi.Context,
	name string, args *CertificateTemplateIamBindingArgs, opts ...pulumi.ResourceOption) (*CertificateTemplateIamBinding, error)

NewCertificateTemplateIamBinding registers a new resource with the given unique name, arguments, and options.

func (*CertificateTemplateIamBinding) ElementType added in v0.26.0 

func (*CertificateTemplateIamBinding) ElementType() reflect.Type

func (*CertificateTemplateIamBinding) ToCertificateTemplateIamBindingOutput added in v0.26.0 

func (i *CertificateTemplateIamBinding) ToCertificateTemplateIamBindingOutput() CertificateTemplateIamBindingOutput

func (*CertificateTemplateIamBinding) ToCertificateTemplateIamBindingOutputWithContext added in v0.26.0 

func (i *CertificateTemplateIamBinding) ToCertificateTemplateIamBindingOutputWithContext(ctx context.Context) CertificateTemplateIamBindingOutput

type CertificateTemplateIamBindingArgs added in v0.26.0 

type CertificateTemplateIamBindingArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identities that will be granted the privilege in role. Each entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Members pulumi.StringArrayInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied. Only one `IamBinding` can be used per role.
	Role pulumi.StringInput
}

The set of arguments for constructing a CertificateTemplateIamBinding resource.

func (CertificateTemplateIamBindingArgs) ElementType added in v0.26.0 

func (CertificateTemplateIamBindingArgs) ElementType() reflect.Type

type CertificateTemplateIamBindingInput added in v0.26.0 

type CertificateTemplateIamBindingInput interface {
	pulumi.Input

	ToCertificateTemplateIamBindingOutput() CertificateTemplateIamBindingOutput
	ToCertificateTemplateIamBindingOutputWithContext(ctx context.Context) CertificateTemplateIamBindingOutput
}

type CertificateTemplateIamBindingOutput added in v0.26.0 

type CertificateTemplateIamBindingOutput struct{ *pulumi.OutputState }

func (CertificateTemplateIamBindingOutput) Condition added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (CertificateTemplateIamBindingOutput) ElementType added in v0.26.0 

func (CertificateTemplateIamBindingOutput) ElementType() reflect.Type

func (CertificateTemplateIamBindingOutput) Etag added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (CertificateTemplateIamBindingOutput) Members added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) Members() pulumi.StringArrayOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (CertificateTemplateIamBindingOutput) Name added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (CertificateTemplateIamBindingOutput) Project added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (CertificateTemplateIamBindingOutput) Role added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (CertificateTemplateIamBindingOutput) ToCertificateTemplateIamBindingOutput added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) ToCertificateTemplateIamBindingOutput() CertificateTemplateIamBindingOutput

func (CertificateTemplateIamBindingOutput) ToCertificateTemplateIamBindingOutputWithContext added in v0.26.0 

func (o CertificateTemplateIamBindingOutput) ToCertificateTemplateIamBindingOutputWithContext(ctx context.Context) CertificateTemplateIamBindingOutput

type CertificateTemplateIamBindingState added in v0.26.0 

type CertificateTemplateIamBindingState struct {
}

func (CertificateTemplateIamBindingState) ElementType added in v0.26.0 

func (CertificateTemplateIamBindingState) ElementType() reflect.Type

type CertificateTemplateIamMember added in v0.26.0 

type CertificateTemplateIamMember struct {
	pulumi.CustomResourceState

	// An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.
	Condition iam.ConditionPtrOutput `pulumi:"condition"`
	// The etag of the resource's IAM policy.
	Etag pulumi.StringOutput `pulumi:"etag"`
	// Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.
	Member pulumi.StringOutput `pulumi:"member"`
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringOutput `pulumi:"name"`
	// The project in which the resource belongs. If it is not provided, a default will be supplied.
	Project pulumi.StringOutput `pulumi:"project"`
	// Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.
	Role pulumi.StringOutput `pulumi:"role"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.

func GetCertificateTemplateIamMember added in v0.26.0 

func GetCertificateTemplateIamMember(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateTemplateIamMemberState, opts ...pulumi.ResourceOption) (*CertificateTemplateIamMember, error)

GetCertificateTemplateIamMember gets an existing CertificateTemplateIamMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateTemplateIamMember added in v0.26.0 

func NewCertificateTemplateIamMember(ctx *pulumi.Context,
	name string, args *CertificateTemplateIamMemberArgs, opts ...pulumi.ResourceOption) (*CertificateTemplateIamMember, error)

NewCertificateTemplateIamMember registers a new resource with the given unique name, arguments, and options.

func (*CertificateTemplateIamMember) ElementType added in v0.26.0 

func (*CertificateTemplateIamMember) ElementType() reflect.Type

func (*CertificateTemplateIamMember) ToCertificateTemplateIamMemberOutput added in v0.26.0 

func (i *CertificateTemplateIamMember) ToCertificateTemplateIamMemberOutput() CertificateTemplateIamMemberOutput

func (*CertificateTemplateIamMember) ToCertificateTemplateIamMemberOutputWithContext added in v0.26.0 

func (i *CertificateTemplateIamMember) ToCertificateTemplateIamMemberOutputWithContext(ctx context.Context) CertificateTemplateIamMemberOutput

type CertificateTemplateIamMemberArgs added in v0.26.0 

type CertificateTemplateIamMemberArgs struct {
	// An IAM Condition for a given binding.
	Condition iam.ConditionPtrInput
	// Identity that will be granted the privilege in role. The entry can have one of the following values:
	//
	//  * user:{emailid}: An email address that represents a specific Google account. For example, alice@gmail.com or joe@example.com.
	//  * serviceAccount:{emailid}: An email address that represents a service account. For example, my-other-app@appspot.gserviceaccount.com.
	//  * group:{emailid}: An email address that represents a Google group. For example, admins@example.com.
	//  * domain:{domain}: A G Suite domain (primary, instead of alias) name that represents all the users of that domain. For example, google.com or example.com.
	Member pulumi.StringInput
	// The name of the resource to manage IAM policies for.
	Name pulumi.StringInput
	// The role that should be applied.
	Role pulumi.StringInput
}

The set of arguments for constructing a CertificateTemplateIamMember resource.

func (CertificateTemplateIamMemberArgs) ElementType added in v0.26.0 

func (CertificateTemplateIamMemberArgs) ElementType() reflect.Type

type CertificateTemplateIamMemberInput added in v0.26.0 

type CertificateTemplateIamMemberInput interface {
	pulumi.Input

	ToCertificateTemplateIamMemberOutput() CertificateTemplateIamMemberOutput
	ToCertificateTemplateIamMemberOutputWithContext(ctx context.Context) CertificateTemplateIamMemberOutput
}

type CertificateTemplateIamMemberOutput added in v0.26.0 

type CertificateTemplateIamMemberOutput struct{ *pulumi.OutputState }

func (CertificateTemplateIamMemberOutput) Condition added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) Condition() iam.ConditionPtrOutput

An IAM Condition for a given binding. See https://cloud.google.com/iam/docs/conditions-overview for additional details.

func (CertificateTemplateIamMemberOutput) ElementType added in v0.26.0 

func (CertificateTemplateIamMemberOutput) ElementType() reflect.Type

func (CertificateTemplateIamMemberOutput) Etag added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) Etag() pulumi.StringOutput

The etag of the resource's IAM policy.

func (CertificateTemplateIamMemberOutput) Member added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) Member() pulumi.StringOutput

Specifies the principals requesting access for a Google Cloud resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. Does not include identities that come from external identity providers (IdPs) through identity federation. * `user:{emailid}`: An email address that represents a specific Google account. For example, `alice@example.com` . * `serviceAccount:{emailid}`: An email address that represents a Google service account. For example, `my-other-app@appspot.gserviceaccount.com`. * `serviceAccount:{projectid}.svc.id.goog[{namespace}/{kubernetes-sa}]`: An identifier for a [Kubernetes service account](https://cloud.google.com/kubernetes-engine/docs/how-to/kubernetes-service-accounts). For example, `my-project.svc.id.goog[my-namespace/my-kubernetes-sa]`. * `group:{emailid}`: An email address that represents a Google group. For example, `admins@example.com`. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `alice@example.com?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `my-other-app@appspot.gserviceaccount.com?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `admins@example.com?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding.

func (CertificateTemplateIamMemberOutput) Name added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) Name() pulumi.StringOutput

The name of the resource to manage IAM policies for.

func (CertificateTemplateIamMemberOutput) Project added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) Project() pulumi.StringOutput

The project in which the resource belongs. If it is not provided, a default will be supplied.

func (CertificateTemplateIamMemberOutput) Role added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) Role() pulumi.StringOutput

Role that is assigned to the list of `members`, or principals. For example, `roles/viewer`, `roles/editor`, or `roles/owner`.

func (CertificateTemplateIamMemberOutput) ToCertificateTemplateIamMemberOutput added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) ToCertificateTemplateIamMemberOutput() CertificateTemplateIamMemberOutput

func (CertificateTemplateIamMemberOutput) ToCertificateTemplateIamMemberOutputWithContext added in v0.26.0 

func (o CertificateTemplateIamMemberOutput) ToCertificateTemplateIamMemberOutputWithContext(ctx context.Context) CertificateTemplateIamMemberOutput

type CertificateTemplateIamMemberState added in v0.26.0 

type CertificateTemplateIamMemberState struct {
}

func (CertificateTemplateIamMemberState) ElementType added in v0.26.0 

func (CertificateTemplateIamMemberState) ElementType() reflect.Type

type CertificateTemplateIamPolicy 

type CertificateTemplateIamPolicy struct {
	pulumi.CustomResourceState

	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigResponseArrayOutput `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings              BindingResponseArrayOutput `pulumi:"bindings"`
	CertificateTemplateId pulumi.StringOutput        `pulumi:"certificateTemplateId"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringOutput `pulumi:"etag"`
	Location pulumi.StringOutput `pulumi:"location"`
	Project  pulumi.StringOutput `pulumi:"project"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntOutput `pulumi:"version"`
}

Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

func GetCertificateTemplateIamPolicy 

func GetCertificateTemplateIamPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *CertificateTemplateIamPolicyState, opts ...pulumi.ResourceOption) (*CertificateTemplateIamPolicy, error)

GetCertificateTemplateIamPolicy gets an existing CertificateTemplateIamPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewCertificateTemplateIamPolicy 

func NewCertificateTemplateIamPolicy(ctx *pulumi.Context,
	name string, args *CertificateTemplateIamPolicyArgs, opts ...pulumi.ResourceOption) (*CertificateTemplateIamPolicy, error)

NewCertificateTemplateIamPolicy registers a new resource with the given unique name, arguments, and options.

func (*CertificateTemplateIamPolicy) ElementType 

func (*CertificateTemplateIamPolicy) ElementType() reflect.Type

func (*CertificateTemplateIamPolicy) ToCertificateTemplateIamPolicyOutput 

func (i *CertificateTemplateIamPolicy) ToCertificateTemplateIamPolicyOutput() CertificateTemplateIamPolicyOutput

func (*CertificateTemplateIamPolicy) ToCertificateTemplateIamPolicyOutputWithContext 

func (i *CertificateTemplateIamPolicy) ToCertificateTemplateIamPolicyOutputWithContext(ctx context.Context) CertificateTemplateIamPolicyOutput

type CertificateTemplateIamPolicyArgs 

type CertificateTemplateIamPolicyArgs struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs AuditConfigArrayInput
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings              BindingArrayInput
	CertificateTemplateId pulumi.StringInput
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag     pulumi.StringPtrInput
	Location pulumi.StringPtrInput
	Project  pulumi.StringPtrInput
	// OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"`
	UpdateMask pulumi.StringPtrInput
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version pulumi.IntPtrInput
}

The set of arguments for constructing a CertificateTemplateIamPolicy resource.

func (CertificateTemplateIamPolicyArgs) ElementType 

func (CertificateTemplateIamPolicyArgs) ElementType() reflect.Type

type CertificateTemplateIamPolicyInput 

type CertificateTemplateIamPolicyInput interface {
	pulumi.Input

	ToCertificateTemplateIamPolicyOutput() CertificateTemplateIamPolicyOutput
	ToCertificateTemplateIamPolicyOutputWithContext(ctx context.Context) CertificateTemplateIamPolicyOutput
}

type CertificateTemplateIamPolicyOutput 

type CertificateTemplateIamPolicyOutput struct{ *pulumi.OutputState }

func (CertificateTemplateIamPolicyOutput) AuditConfigs added in v0.19.0 

func (o CertificateTemplateIamPolicyOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (CertificateTemplateIamPolicyOutput) Bindings added in v0.19.0 

func (o CertificateTemplateIamPolicyOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (CertificateTemplateIamPolicyOutput) CertificateTemplateId added in v0.21.0 

func (o CertificateTemplateIamPolicyOutput) CertificateTemplateId() pulumi.StringOutput

func (CertificateTemplateIamPolicyOutput) ElementType 

func (CertificateTemplateIamPolicyOutput) ElementType() reflect.Type

func (CertificateTemplateIamPolicyOutput) Etag added in v0.19.0 

func (o CertificateTemplateIamPolicyOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (CertificateTemplateIamPolicyOutput) Location added in v0.21.0 

func (o CertificateTemplateIamPolicyOutput) Location() pulumi.StringOutput

func (CertificateTemplateIamPolicyOutput) Project added in v0.21.0 

func (o CertificateTemplateIamPolicyOutput) Project() pulumi.StringOutput

func (CertificateTemplateIamPolicyOutput) ToCertificateTemplateIamPolicyOutput 

func (o CertificateTemplateIamPolicyOutput) ToCertificateTemplateIamPolicyOutput() CertificateTemplateIamPolicyOutput

func (CertificateTemplateIamPolicyOutput) ToCertificateTemplateIamPolicyOutputWithContext 

func (o CertificateTemplateIamPolicyOutput) ToCertificateTemplateIamPolicyOutputWithContext(ctx context.Context) CertificateTemplateIamPolicyOutput

func (CertificateTemplateIamPolicyOutput) Version added in v0.19.0 

func (o CertificateTemplateIamPolicyOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type CertificateTemplateIamPolicyState 

type CertificateTemplateIamPolicyState struct {
}

func (CertificateTemplateIamPolicyState) ElementType 

func (CertificateTemplateIamPolicyState) ElementType() reflect.Type

type CertificateTemplateInput 

type CertificateTemplateInput interface {
	pulumi.Input

	ToCertificateTemplateOutput() CertificateTemplateOutput
	ToCertificateTemplateOutputWithContext(ctx context.Context) CertificateTemplateOutput
}

type CertificateTemplateOutput 

type CertificateTemplateOutput struct{ *pulumi.OutputState }

func (CertificateTemplateOutput) CertificateTemplateId added in v0.21.0 

func (o CertificateTemplateOutput) CertificateTemplateId() pulumi.StringOutput

Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`

func (CertificateTemplateOutput) CreateTime added in v0.19.0 

func (o CertificateTemplateOutput) CreateTime() pulumi.StringOutput

The time at which this CertificateTemplate was created.

func (CertificateTemplateOutput) Description added in v0.19.0 

func (o CertificateTemplateOutput) Description() pulumi.StringOutput

Optional. A human-readable description of scenarios this template is intended for.

func (CertificateTemplateOutput) ElementType 

func (CertificateTemplateOutput) ElementType() reflect.Type

func (CertificateTemplateOutput) IdentityConstraints added in v0.19.0 

func (o CertificateTemplateOutput) IdentityConstraints() CertificateIdentityConstraintsResponseOutput

Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.

func (CertificateTemplateOutput) Labels added in v0.19.0 

func (o CertificateTemplateOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (CertificateTemplateOutput) Location added in v0.21.0 

func (o CertificateTemplateOutput) Location() pulumi.StringOutput

func (CertificateTemplateOutput) MaximumLifetime added in v0.32.0 

func (o CertificateTemplateOutput) MaximumLifetime() pulumi.StringOutput

Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

func (CertificateTemplateOutput) Name added in v0.19.0 

func (o CertificateTemplateOutput) Name() pulumi.StringOutput

The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.

func (CertificateTemplateOutput) PassthroughExtensions added in v0.19.0 

func (o CertificateTemplateOutput) PassthroughExtensions() CertificateExtensionConstraintsResponseOutput

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.

func (CertificateTemplateOutput) PredefinedValues added in v0.19.0 

func (o CertificateTemplateOutput) PredefinedValues() X509ParametersResponseOutput

Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.

func (CertificateTemplateOutput) Project added in v0.21.0 

func (o CertificateTemplateOutput) Project() pulumi.StringOutput

func (CertificateTemplateOutput) RequestId added in v0.21.0 

func (o CertificateTemplateOutput) RequestId() pulumi.StringPtrOutput

Optional. An ID to identify requests. Specify a unique request ID so that if you must retry your request, the server will know to ignore the request if it has already been completed. The server will guarantee that for at least 60 minutes since the first request. For example, consider a situation where you make an initial request and the request times out. If you make the request again with the same request ID, the server can check if original operation with the same request ID was received, and if so, will ignore the second request. This prevents clients from accidentally creating duplicate commitments. The request ID must be a valid UUID with the exception that zero UUID is not supported (00000000-0000-0000-0000-000000000000).

func (CertificateTemplateOutput) ToCertificateTemplateOutput 

func (o CertificateTemplateOutput) ToCertificateTemplateOutput() CertificateTemplateOutput

func (CertificateTemplateOutput) ToCertificateTemplateOutputWithContext 

func (o CertificateTemplateOutput) ToCertificateTemplateOutputWithContext(ctx context.Context) CertificateTemplateOutput

func (CertificateTemplateOutput) UpdateTime added in v0.19.0 

func (o CertificateTemplateOutput) UpdateTime() pulumi.StringOutput

The time at which this CertificateTemplate was updated.

type CertificateTemplateState 

type CertificateTemplateState struct {
}

func (CertificateTemplateState) ElementType 

func (CertificateTemplateState) ElementType() reflect.Type

type EcKeyType 

type EcKeyType struct {
	// Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
	SignatureAlgorithm *EcKeyTypeSignatureAlgorithm `pulumi:"signatureAlgorithm"`
}

Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.

type EcKeyTypeArgs 

type EcKeyTypeArgs struct {
	// Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
	SignatureAlgorithm EcKeyTypeSignatureAlgorithmPtrInput `pulumi:"signatureAlgorithm"`
}

Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.

func (EcKeyTypeArgs) ElementType 

func (EcKeyTypeArgs) ElementType() reflect.Type

func (EcKeyTypeArgs) ToEcKeyTypeOutput 

func (i EcKeyTypeArgs) ToEcKeyTypeOutput() EcKeyTypeOutput

func (EcKeyTypeArgs) ToEcKeyTypeOutputWithContext 

func (i EcKeyTypeArgs) ToEcKeyTypeOutputWithContext(ctx context.Context) EcKeyTypeOutput

func (EcKeyTypeArgs) ToEcKeyTypePtrOutput 

func (i EcKeyTypeArgs) ToEcKeyTypePtrOutput() EcKeyTypePtrOutput

func (EcKeyTypeArgs) ToEcKeyTypePtrOutputWithContext 

func (i EcKeyTypeArgs) ToEcKeyTypePtrOutputWithContext(ctx context.Context) EcKeyTypePtrOutput

type EcKeyTypeInput 

type EcKeyTypeInput interface {
	pulumi.Input

	ToEcKeyTypeOutput() EcKeyTypeOutput
	ToEcKeyTypeOutputWithContext(context.Context) EcKeyTypeOutput
}

EcKeyTypeInput is an input type that accepts EcKeyTypeArgs and EcKeyTypeOutput values. You can construct a concrete instance of `EcKeyTypeInput` via: 

EcKeyTypeArgs{...}

type EcKeyTypeOutput 

type EcKeyTypeOutput struct{ *pulumi.OutputState }

Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.

func (EcKeyTypeOutput) ElementType 

func (EcKeyTypeOutput) ElementType() reflect.Type

func (EcKeyTypeOutput) SignatureAlgorithm 

func (o EcKeyTypeOutput) SignatureAlgorithm() EcKeyTypeSignatureAlgorithmPtrOutput

Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.

func (EcKeyTypeOutput) ToEcKeyTypeOutput 

func (o EcKeyTypeOutput) ToEcKeyTypeOutput() EcKeyTypeOutput

func (EcKeyTypeOutput) ToEcKeyTypeOutputWithContext 

func (o EcKeyTypeOutput) ToEcKeyTypeOutputWithContext(ctx context.Context) EcKeyTypeOutput

func (EcKeyTypeOutput) ToEcKeyTypePtrOutput 

func (o EcKeyTypeOutput) ToEcKeyTypePtrOutput() EcKeyTypePtrOutput

func (EcKeyTypeOutput) ToEcKeyTypePtrOutputWithContext 

func (o EcKeyTypeOutput) ToEcKeyTypePtrOutputWithContext(ctx context.Context) EcKeyTypePtrOutput

type EcKeyTypePtrInput 

type EcKeyTypePtrInput interface {
	pulumi.Input

	ToEcKeyTypePtrOutput() EcKeyTypePtrOutput
	ToEcKeyTypePtrOutputWithContext(context.Context) EcKeyTypePtrOutput
}

EcKeyTypePtrInput is an input type that accepts EcKeyTypeArgs, EcKeyTypePtr and EcKeyTypePtrOutput values. You can construct a concrete instance of `EcKeyTypePtrInput` via: 

        EcKeyTypeArgs{...}

or:

        nil

func EcKeyTypePtr 

func EcKeyTypePtr(v *EcKeyTypeArgs) EcKeyTypePtrInput

type EcKeyTypePtrOutput 

type EcKeyTypePtrOutput struct{ *pulumi.OutputState }

func (EcKeyTypePtrOutput) Elem 

func (o EcKeyTypePtrOutput) Elem() EcKeyTypeOutput

func (EcKeyTypePtrOutput) ElementType 

func (EcKeyTypePtrOutput) ElementType() reflect.Type

func (EcKeyTypePtrOutput) SignatureAlgorithm 

func (o EcKeyTypePtrOutput) SignatureAlgorithm() EcKeyTypeSignatureAlgorithmPtrOutput

Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.

func (EcKeyTypePtrOutput) ToEcKeyTypePtrOutput 

func (o EcKeyTypePtrOutput) ToEcKeyTypePtrOutput() EcKeyTypePtrOutput

func (EcKeyTypePtrOutput) ToEcKeyTypePtrOutputWithContext 

func (o EcKeyTypePtrOutput) ToEcKeyTypePtrOutputWithContext(ctx context.Context) EcKeyTypePtrOutput

type EcKeyTypeResponse 

type EcKeyTypeResponse struct {
	// Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.
	SignatureAlgorithm string `pulumi:"signatureAlgorithm"`
}

Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.

type EcKeyTypeResponseOutput 

type EcKeyTypeResponseOutput struct{ *pulumi.OutputState }

Describes an Elliptic Curve key that may be used in a Certificate issued from a CaPool.

func (EcKeyTypeResponseOutput) ElementType 

func (EcKeyTypeResponseOutput) ElementType() reflect.Type

func (EcKeyTypeResponseOutput) SignatureAlgorithm 

func (o EcKeyTypeResponseOutput) SignatureAlgorithm() pulumi.StringOutput

Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.

func (EcKeyTypeResponseOutput) ToEcKeyTypeResponseOutput 

func (o EcKeyTypeResponseOutput) ToEcKeyTypeResponseOutput() EcKeyTypeResponseOutput

func (EcKeyTypeResponseOutput) ToEcKeyTypeResponseOutputWithContext 

func (o EcKeyTypeResponseOutput) ToEcKeyTypeResponseOutputWithContext(ctx context.Context) EcKeyTypeResponseOutput

type EcKeyTypeSignatureAlgorithm 

type EcKeyTypeSignatureAlgorithm string

Optional. A signature algorithm that must be used. If this is omitted, any EC-based signature algorithm will be allowed.

func (EcKeyTypeSignatureAlgorithm) ElementType 

func (EcKeyTypeSignatureAlgorithm) ElementType() reflect.Type

func (EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmOutput added in v0.6.0 

func (e EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmOutput() EcKeyTypeSignatureAlgorithmOutput

func (EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmOutputWithContext added in v0.6.0 

func (e EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmOutputWithContext(ctx context.Context) EcKeyTypeSignatureAlgorithmOutput

func (EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmPtrOutput added in v0.6.0 

func (e EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmPtrOutput() EcKeyTypeSignatureAlgorithmPtrOutput

func (EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext added in v0.6.0 

func (e EcKeyTypeSignatureAlgorithm) ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext(ctx context.Context) EcKeyTypeSignatureAlgorithmPtrOutput

func (EcKeyTypeSignatureAlgorithm) ToStringOutput 

func (e EcKeyTypeSignatureAlgorithm) ToStringOutput() pulumi.StringOutput

func (EcKeyTypeSignatureAlgorithm) ToStringOutputWithContext 

func (e EcKeyTypeSignatureAlgorithm) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EcKeyTypeSignatureAlgorithm) ToStringPtrOutput 

func (e EcKeyTypeSignatureAlgorithm) ToStringPtrOutput() pulumi.StringPtrOutput

func (EcKeyTypeSignatureAlgorithm) ToStringPtrOutputWithContext 

func (e EcKeyTypeSignatureAlgorithm) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EcKeyTypeSignatureAlgorithmInput added in v0.6.0 

type EcKeyTypeSignatureAlgorithmInput interface {
	pulumi.Input

	ToEcKeyTypeSignatureAlgorithmOutput() EcKeyTypeSignatureAlgorithmOutput
	ToEcKeyTypeSignatureAlgorithmOutputWithContext(context.Context) EcKeyTypeSignatureAlgorithmOutput
}

EcKeyTypeSignatureAlgorithmInput is an input type that accepts EcKeyTypeSignatureAlgorithmArgs and EcKeyTypeSignatureAlgorithmOutput values. You can construct a concrete instance of `EcKeyTypeSignatureAlgorithmInput` via: 

EcKeyTypeSignatureAlgorithmArgs{...}

type EcKeyTypeSignatureAlgorithmOutput added in v0.6.0 

type EcKeyTypeSignatureAlgorithmOutput struct{ *pulumi.OutputState }

func (EcKeyTypeSignatureAlgorithmOutput) ElementType added in v0.6.0 

func (EcKeyTypeSignatureAlgorithmOutput) ElementType() reflect.Type

func (EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmOutput added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmOutput() EcKeyTypeSignatureAlgorithmOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmOutputWithContext added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmOutputWithContext(ctx context.Context) EcKeyTypeSignatureAlgorithmOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmPtrOutput added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmPtrOutput() EcKeyTypeSignatureAlgorithmPtrOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext(ctx context.Context) EcKeyTypeSignatureAlgorithmPtrOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToStringOutput added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToStringOutput() pulumi.StringOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToStringOutputWithContext added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToStringPtrOutput added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EcKeyTypeSignatureAlgorithmOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type EcKeyTypeSignatureAlgorithmPtrInput added in v0.6.0 

type EcKeyTypeSignatureAlgorithmPtrInput interface {
	pulumi.Input

	ToEcKeyTypeSignatureAlgorithmPtrOutput() EcKeyTypeSignatureAlgorithmPtrOutput
	ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext(context.Context) EcKeyTypeSignatureAlgorithmPtrOutput
}

func EcKeyTypeSignatureAlgorithmPtr added in v0.6.0 

func EcKeyTypeSignatureAlgorithmPtr(v string) EcKeyTypeSignatureAlgorithmPtrInput

type EcKeyTypeSignatureAlgorithmPtrOutput added in v0.6.0 

type EcKeyTypeSignatureAlgorithmPtrOutput struct{ *pulumi.OutputState }

func (EcKeyTypeSignatureAlgorithmPtrOutput) Elem added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmPtrOutput) Elem() EcKeyTypeSignatureAlgorithmOutput

func (EcKeyTypeSignatureAlgorithmPtrOutput) ElementType added in v0.6.0 

func (EcKeyTypeSignatureAlgorithmPtrOutput) ElementType() reflect.Type

func (EcKeyTypeSignatureAlgorithmPtrOutput) ToEcKeyTypeSignatureAlgorithmPtrOutput added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmPtrOutput) ToEcKeyTypeSignatureAlgorithmPtrOutput() EcKeyTypeSignatureAlgorithmPtrOutput

func (EcKeyTypeSignatureAlgorithmPtrOutput) ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmPtrOutput) ToEcKeyTypeSignatureAlgorithmPtrOutputWithContext(ctx context.Context) EcKeyTypeSignatureAlgorithmPtrOutput

func (EcKeyTypeSignatureAlgorithmPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (EcKeyTypeSignatureAlgorithmPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o EcKeyTypeSignatureAlgorithmPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type Expr 

type Expr struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprArgs 

type ExprArgs struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description pulumi.StringPtrInput `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression pulumi.StringPtrInput `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location pulumi.StringPtrInput `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title pulumi.StringPtrInput `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprArgs) ElementType 

func (ExprArgs) ElementType() reflect.Type

func (ExprArgs) ToExprOutput 

func (i ExprArgs) ToExprOutput() ExprOutput

func (ExprArgs) ToExprOutputWithContext 

func (i ExprArgs) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprArgs) ToExprPtrOutput 

func (i ExprArgs) ToExprPtrOutput() ExprPtrOutput

func (ExprArgs) ToExprPtrOutputWithContext 

func (i ExprArgs) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprInput 

type ExprInput interface {
	pulumi.Input

	ToExprOutput() ExprOutput
	ToExprOutputWithContext(context.Context) ExprOutput
}

ExprInput is an input type that accepts ExprArgs and ExprOutput values. You can construct a concrete instance of `ExprInput` via: 

ExprArgs{...}

type ExprOutput 

type ExprOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprOutput) Description 

func (o ExprOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprOutput) ElementType 

func (ExprOutput) ElementType() reflect.Type

func (ExprOutput) Expression 

func (o ExprOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprOutput) Location 

func (o ExprOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprOutput) Title 

func (o ExprOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprOutput) ToExprOutput 

func (o ExprOutput) ToExprOutput() ExprOutput

func (ExprOutput) ToExprOutputWithContext 

func (o ExprOutput) ToExprOutputWithContext(ctx context.Context) ExprOutput

func (ExprOutput) ToExprPtrOutput 

func (o ExprOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprOutput) ToExprPtrOutputWithContext 

func (o ExprOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprPtrInput 

type ExprPtrInput interface {
	pulumi.Input

	ToExprPtrOutput() ExprPtrOutput
	ToExprPtrOutputWithContext(context.Context) ExprPtrOutput
}

ExprPtrInput is an input type that accepts ExprArgs, ExprPtr and ExprPtrOutput values. You can construct a concrete instance of `ExprPtrInput` via: 

        ExprArgs{...}

or:

        nil

func ExprPtr 

func ExprPtr(v *ExprArgs) ExprPtrInput

type ExprPtrOutput 

type ExprPtrOutput struct{ *pulumi.OutputState }

func (ExprPtrOutput) Description 

func (o ExprPtrOutput) Description() pulumi.StringPtrOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprPtrOutput) Elem 

func (o ExprPtrOutput) Elem() ExprOutput

func (ExprPtrOutput) ElementType 

func (ExprPtrOutput) ElementType() reflect.Type

func (ExprPtrOutput) Expression 

func (o ExprPtrOutput) Expression() pulumi.StringPtrOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprPtrOutput) Location 

func (o ExprPtrOutput) Location() pulumi.StringPtrOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprPtrOutput) Title 

func (o ExprPtrOutput) Title() pulumi.StringPtrOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprPtrOutput) ToExprPtrOutput 

func (o ExprPtrOutput) ToExprPtrOutput() ExprPtrOutput

func (ExprPtrOutput) ToExprPtrOutputWithContext 

func (o ExprPtrOutput) ToExprPtrOutputWithContext(ctx context.Context) ExprPtrOutput

type ExprResponse 

type ExprResponse struct {
	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description string `pulumi:"description"`
	// Textual representation of an expression in Common Expression Language syntax.
	Expression string `pulumi:"expression"`
	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location string `pulumi:"location"`
	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title string `pulumi:"title"`
}

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

type ExprResponseOutput 

type ExprResponseOutput struct{ *pulumi.OutputState }

Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.

func (ExprResponseOutput) Description 

func (o ExprResponseOutput) Description() pulumi.StringOutput

Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.

func (ExprResponseOutput) ElementType 

func (ExprResponseOutput) ElementType() reflect.Type

func (ExprResponseOutput) Expression 

func (o ExprResponseOutput) Expression() pulumi.StringOutput

Textual representation of an expression in Common Expression Language syntax.

func (ExprResponseOutput) Location 

func (o ExprResponseOutput) Location() pulumi.StringOutput

Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.

func (ExprResponseOutput) Title 

func (o ExprResponseOutput) Title() pulumi.StringOutput

Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.

func (ExprResponseOutput) ToExprResponseOutput 

func (o ExprResponseOutput) ToExprResponseOutput() ExprResponseOutput

func (ExprResponseOutput) ToExprResponseOutputWithContext 

func (o ExprResponseOutput) ToExprResponseOutputWithContext(ctx context.Context) ExprResponseOutput

type ExtendedKeyUsageOptions 

type ExtendedKeyUsageOptions struct {
	// Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
	ClientAuth *bool `pulumi:"clientAuth"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
	CodeSigning *bool `pulumi:"codeSigning"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
	EmailProtection *bool `pulumi:"emailProtection"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
	OcspSigning *bool `pulumi:"ocspSigning"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
	ServerAuth *bool `pulumi:"serverAuth"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
	TimeStamping *bool `pulumi:"timeStamping"`
}

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

type ExtendedKeyUsageOptionsArgs 

type ExtendedKeyUsageOptionsArgs struct {
	// Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
	ClientAuth pulumi.BoolPtrInput `pulumi:"clientAuth"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
	CodeSigning pulumi.BoolPtrInput `pulumi:"codeSigning"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
	EmailProtection pulumi.BoolPtrInput `pulumi:"emailProtection"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
	OcspSigning pulumi.BoolPtrInput `pulumi:"ocspSigning"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
	ServerAuth pulumi.BoolPtrInput `pulumi:"serverAuth"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
	TimeStamping pulumi.BoolPtrInput `pulumi:"timeStamping"`
}

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

func (ExtendedKeyUsageOptionsArgs) ElementType 

func (ExtendedKeyUsageOptionsArgs) ElementType() reflect.Type

func (ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsOutput 

func (i ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsOutput() ExtendedKeyUsageOptionsOutput

func (ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsOutputWithContext 

func (i ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsOutputWithContext(ctx context.Context) ExtendedKeyUsageOptionsOutput

func (ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsPtrOutput 

func (i ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsPtrOutput() ExtendedKeyUsageOptionsPtrOutput

func (ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsPtrOutputWithContext 

func (i ExtendedKeyUsageOptionsArgs) ToExtendedKeyUsageOptionsPtrOutputWithContext(ctx context.Context) ExtendedKeyUsageOptionsPtrOutput

type ExtendedKeyUsageOptionsInput 

type ExtendedKeyUsageOptionsInput interface {
	pulumi.Input

	ToExtendedKeyUsageOptionsOutput() ExtendedKeyUsageOptionsOutput
	ToExtendedKeyUsageOptionsOutputWithContext(context.Context) ExtendedKeyUsageOptionsOutput
}

ExtendedKeyUsageOptionsInput is an input type that accepts ExtendedKeyUsageOptionsArgs and ExtendedKeyUsageOptionsOutput values. You can construct a concrete instance of `ExtendedKeyUsageOptionsInput` via: 

ExtendedKeyUsageOptionsArgs{...}

type ExtendedKeyUsageOptionsOutput 

type ExtendedKeyUsageOptionsOutput struct{ *pulumi.OutputState }

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

func (ExtendedKeyUsageOptionsOutput) ClientAuth 

func (o ExtendedKeyUsageOptionsOutput) ClientAuth() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

func (ExtendedKeyUsageOptionsOutput) CodeSigning 

func (o ExtendedKeyUsageOptionsOutput) CodeSigning() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

func (ExtendedKeyUsageOptionsOutput) ElementType 

func (ExtendedKeyUsageOptionsOutput) ElementType() reflect.Type

func (ExtendedKeyUsageOptionsOutput) EmailProtection 

func (o ExtendedKeyUsageOptionsOutput) EmailProtection() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

func (ExtendedKeyUsageOptionsOutput) OcspSigning 

func (o ExtendedKeyUsageOptionsOutput) OcspSigning() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

func (ExtendedKeyUsageOptionsOutput) ServerAuth 

func (o ExtendedKeyUsageOptionsOutput) ServerAuth() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

func (ExtendedKeyUsageOptionsOutput) TimeStamping 

func (o ExtendedKeyUsageOptionsOutput) TimeStamping() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

func (ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsOutput 

func (o ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsOutput() ExtendedKeyUsageOptionsOutput

func (ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsOutputWithContext 

func (o ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsOutputWithContext(ctx context.Context) ExtendedKeyUsageOptionsOutput

func (ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsPtrOutput 

func (o ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsPtrOutput() ExtendedKeyUsageOptionsPtrOutput

func (ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsPtrOutputWithContext 

func (o ExtendedKeyUsageOptionsOutput) ToExtendedKeyUsageOptionsPtrOutputWithContext(ctx context.Context) ExtendedKeyUsageOptionsPtrOutput

type ExtendedKeyUsageOptionsPtrInput 

type ExtendedKeyUsageOptionsPtrInput interface {
	pulumi.Input

	ToExtendedKeyUsageOptionsPtrOutput() ExtendedKeyUsageOptionsPtrOutput
	ToExtendedKeyUsageOptionsPtrOutputWithContext(context.Context) ExtendedKeyUsageOptionsPtrOutput
}

ExtendedKeyUsageOptionsPtrInput is an input type that accepts ExtendedKeyUsageOptionsArgs, ExtendedKeyUsageOptionsPtr and ExtendedKeyUsageOptionsPtrOutput values. You can construct a concrete instance of `ExtendedKeyUsageOptionsPtrInput` via: 

        ExtendedKeyUsageOptionsArgs{...}

or:

        nil

func ExtendedKeyUsageOptionsPtr 

func ExtendedKeyUsageOptionsPtr(v *ExtendedKeyUsageOptionsArgs) ExtendedKeyUsageOptionsPtrInput

type ExtendedKeyUsageOptionsPtrOutput 

type ExtendedKeyUsageOptionsPtrOutput struct{ *pulumi.OutputState }

func (ExtendedKeyUsageOptionsPtrOutput) ClientAuth 

func (o ExtendedKeyUsageOptionsPtrOutput) ClientAuth() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

func (ExtendedKeyUsageOptionsPtrOutput) CodeSigning 

func (o ExtendedKeyUsageOptionsPtrOutput) CodeSigning() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

func (ExtendedKeyUsageOptionsPtrOutput) Elem 

func (o ExtendedKeyUsageOptionsPtrOutput) Elem() ExtendedKeyUsageOptionsOutput

func (ExtendedKeyUsageOptionsPtrOutput) ElementType 

func (ExtendedKeyUsageOptionsPtrOutput) ElementType() reflect.Type

func (ExtendedKeyUsageOptionsPtrOutput) EmailProtection 

func (o ExtendedKeyUsageOptionsPtrOutput) EmailProtection() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

func (ExtendedKeyUsageOptionsPtrOutput) OcspSigning 

func (o ExtendedKeyUsageOptionsPtrOutput) OcspSigning() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

func (ExtendedKeyUsageOptionsPtrOutput) ServerAuth 

func (o ExtendedKeyUsageOptionsPtrOutput) ServerAuth() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

func (ExtendedKeyUsageOptionsPtrOutput) TimeStamping 

func (o ExtendedKeyUsageOptionsPtrOutput) TimeStamping() pulumi.BoolPtrOutput

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

func (ExtendedKeyUsageOptionsPtrOutput) ToExtendedKeyUsageOptionsPtrOutput 

func (o ExtendedKeyUsageOptionsPtrOutput) ToExtendedKeyUsageOptionsPtrOutput() ExtendedKeyUsageOptionsPtrOutput

func (ExtendedKeyUsageOptionsPtrOutput) ToExtendedKeyUsageOptionsPtrOutputWithContext 

func (o ExtendedKeyUsageOptionsPtrOutput) ToExtendedKeyUsageOptionsPtrOutputWithContext(ctx context.Context) ExtendedKeyUsageOptionsPtrOutput

type ExtendedKeyUsageOptionsResponse 

type ExtendedKeyUsageOptionsResponse struct {
	// Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
	ClientAuth bool `pulumi:"clientAuth"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
	CodeSigning bool `pulumi:"codeSigning"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
	EmailProtection bool `pulumi:"emailProtection"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
	OcspSigning bool `pulumi:"ocspSigning"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
	ServerAuth bool `pulumi:"serverAuth"`
	// Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
	TimeStamping bool `pulumi:"timeStamping"`
}

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

type ExtendedKeyUsageOptionsResponseOutput 

type ExtendedKeyUsageOptionsResponseOutput struct{ *pulumi.OutputState }

KeyUsage.ExtendedKeyUsageOptions has fields that correspond to certain common OIDs that could be specified as an extended key usage value.

func (ExtendedKeyUsageOptionsResponseOutput) ClientAuth 

func (o ExtendedKeyUsageOptionsResponseOutput) ClientAuth() pulumi.BoolOutput

Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.

func (ExtendedKeyUsageOptionsResponseOutput) CodeSigning 

func (o ExtendedKeyUsageOptionsResponseOutput) CodeSigning() pulumi.BoolOutput

Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".

func (ExtendedKeyUsageOptionsResponseOutput) ElementType 

func (ExtendedKeyUsageOptionsResponseOutput) ElementType() reflect.Type

func (ExtendedKeyUsageOptionsResponseOutput) EmailProtection 

func (o ExtendedKeyUsageOptionsResponseOutput) EmailProtection() pulumi.BoolOutput

Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".

func (ExtendedKeyUsageOptionsResponseOutput) OcspSigning 

func (o ExtendedKeyUsageOptionsResponseOutput) OcspSigning() pulumi.BoolOutput

Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".

func (ExtendedKeyUsageOptionsResponseOutput) ServerAuth 

func (o ExtendedKeyUsageOptionsResponseOutput) ServerAuth() pulumi.BoolOutput

Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.

func (ExtendedKeyUsageOptionsResponseOutput) TimeStamping 

func (o ExtendedKeyUsageOptionsResponseOutput) TimeStamping() pulumi.BoolOutput

Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".

func (ExtendedKeyUsageOptionsResponseOutput) ToExtendedKeyUsageOptionsResponseOutput 

func (o ExtendedKeyUsageOptionsResponseOutput) ToExtendedKeyUsageOptionsResponseOutput() ExtendedKeyUsageOptionsResponseOutput

func (ExtendedKeyUsageOptionsResponseOutput) ToExtendedKeyUsageOptionsResponseOutputWithContext 

func (o ExtendedKeyUsageOptionsResponseOutput) ToExtendedKeyUsageOptionsResponseOutputWithContext(ctx context.Context) ExtendedKeyUsageOptionsResponseOutput

type IssuanceModes 

type IssuanceModes struct {
	// Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
	AllowConfigBasedIssuance *bool `pulumi:"allowConfigBasedIssuance"`
	// Optional. When true, allows callers to create Certificates by specifying a CSR.
	AllowCsrBasedIssuance *bool `pulumi:"allowCsrBasedIssuance"`
}

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

type IssuanceModesArgs 

type IssuanceModesArgs struct {
	// Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
	AllowConfigBasedIssuance pulumi.BoolPtrInput `pulumi:"allowConfigBasedIssuance"`
	// Optional. When true, allows callers to create Certificates by specifying a CSR.
	AllowCsrBasedIssuance pulumi.BoolPtrInput `pulumi:"allowCsrBasedIssuance"`
}

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

func (IssuanceModesArgs) ElementType 

func (IssuanceModesArgs) ElementType() reflect.Type

func (IssuanceModesArgs) ToIssuanceModesOutput 

func (i IssuanceModesArgs) ToIssuanceModesOutput() IssuanceModesOutput

func (IssuanceModesArgs) ToIssuanceModesOutputWithContext 

func (i IssuanceModesArgs) ToIssuanceModesOutputWithContext(ctx context.Context) IssuanceModesOutput

func (IssuanceModesArgs) ToIssuanceModesPtrOutput 

func (i IssuanceModesArgs) ToIssuanceModesPtrOutput() IssuanceModesPtrOutput

func (IssuanceModesArgs) ToIssuanceModesPtrOutputWithContext 

func (i IssuanceModesArgs) ToIssuanceModesPtrOutputWithContext(ctx context.Context) IssuanceModesPtrOutput

type IssuanceModesInput 

type IssuanceModesInput interface {
	pulumi.Input

	ToIssuanceModesOutput() IssuanceModesOutput
	ToIssuanceModesOutputWithContext(context.Context) IssuanceModesOutput
}

IssuanceModesInput is an input type that accepts IssuanceModesArgs and IssuanceModesOutput values. You can construct a concrete instance of `IssuanceModesInput` via: 

IssuanceModesArgs{...}

type IssuanceModesOutput 

type IssuanceModesOutput struct{ *pulumi.OutputState }

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

func (IssuanceModesOutput) AllowConfigBasedIssuance 

func (o IssuanceModesOutput) AllowConfigBasedIssuance() pulumi.BoolPtrOutput

Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.

func (IssuanceModesOutput) AllowCsrBasedIssuance 

func (o IssuanceModesOutput) AllowCsrBasedIssuance() pulumi.BoolPtrOutput

Optional. When true, allows callers to create Certificates by specifying a CSR.

func (IssuanceModesOutput) ElementType 

func (IssuanceModesOutput) ElementType() reflect.Type

func (IssuanceModesOutput) ToIssuanceModesOutput 

func (o IssuanceModesOutput) ToIssuanceModesOutput() IssuanceModesOutput

func (IssuanceModesOutput) ToIssuanceModesOutputWithContext 

func (o IssuanceModesOutput) ToIssuanceModesOutputWithContext(ctx context.Context) IssuanceModesOutput

func (IssuanceModesOutput) ToIssuanceModesPtrOutput 

func (o IssuanceModesOutput) ToIssuanceModesPtrOutput() IssuanceModesPtrOutput

func (IssuanceModesOutput) ToIssuanceModesPtrOutputWithContext 

func (o IssuanceModesOutput) ToIssuanceModesPtrOutputWithContext(ctx context.Context) IssuanceModesPtrOutput

type IssuanceModesPtrInput 

type IssuanceModesPtrInput interface {
	pulumi.Input

	ToIssuanceModesPtrOutput() IssuanceModesPtrOutput
	ToIssuanceModesPtrOutputWithContext(context.Context) IssuanceModesPtrOutput
}

IssuanceModesPtrInput is an input type that accepts IssuanceModesArgs, IssuanceModesPtr and IssuanceModesPtrOutput values. You can construct a concrete instance of `IssuanceModesPtrInput` via: 

        IssuanceModesArgs{...}

or:

        nil

func IssuanceModesPtr 

func IssuanceModesPtr(v *IssuanceModesArgs) IssuanceModesPtrInput

type IssuanceModesPtrOutput 

type IssuanceModesPtrOutput struct{ *pulumi.OutputState }

func (IssuanceModesPtrOutput) AllowConfigBasedIssuance 

func (o IssuanceModesPtrOutput) AllowConfigBasedIssuance() pulumi.BoolPtrOutput

Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.

func (IssuanceModesPtrOutput) AllowCsrBasedIssuance 

func (o IssuanceModesPtrOutput) AllowCsrBasedIssuance() pulumi.BoolPtrOutput

Optional. When true, allows callers to create Certificates by specifying a CSR.

func (IssuanceModesPtrOutput) Elem 

func (o IssuanceModesPtrOutput) Elem() IssuanceModesOutput

func (IssuanceModesPtrOutput) ElementType 

func (IssuanceModesPtrOutput) ElementType() reflect.Type

func (IssuanceModesPtrOutput) ToIssuanceModesPtrOutput 

func (o IssuanceModesPtrOutput) ToIssuanceModesPtrOutput() IssuanceModesPtrOutput

func (IssuanceModesPtrOutput) ToIssuanceModesPtrOutputWithContext 

func (o IssuanceModesPtrOutput) ToIssuanceModesPtrOutputWithContext(ctx context.Context) IssuanceModesPtrOutput

type IssuanceModesResponse 

type IssuanceModesResponse struct {
	// Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.
	AllowConfigBasedIssuance bool `pulumi:"allowConfigBasedIssuance"`
	// Optional. When true, allows callers to create Certificates by specifying a CSR.
	AllowCsrBasedIssuance bool `pulumi:"allowCsrBasedIssuance"`
}

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

type IssuanceModesResponseOutput 

type IssuanceModesResponseOutput struct{ *pulumi.OutputState }

IssuanceModes specifies the allowed ways in which Certificates may be requested from this CaPool.

func (IssuanceModesResponseOutput) AllowConfigBasedIssuance 

func (o IssuanceModesResponseOutput) AllowConfigBasedIssuance() pulumi.BoolOutput

Optional. When true, allows callers to create Certificates by specifying a CertificateConfig.

func (IssuanceModesResponseOutput) AllowCsrBasedIssuance 

func (o IssuanceModesResponseOutput) AllowCsrBasedIssuance() pulumi.BoolOutput

Optional. When true, allows callers to create Certificates by specifying a CSR.

func (IssuanceModesResponseOutput) ElementType 

func (IssuanceModesResponseOutput) ElementType() reflect.Type

func (IssuanceModesResponseOutput) ToIssuanceModesResponseOutput 

func (o IssuanceModesResponseOutput) ToIssuanceModesResponseOutput() IssuanceModesResponseOutput

func (IssuanceModesResponseOutput) ToIssuanceModesResponseOutputWithContext 

func (o IssuanceModesResponseOutput) ToIssuanceModesResponseOutputWithContext(ctx context.Context) IssuanceModesResponseOutput

type IssuancePolicy 

type IssuancePolicy struct {
	// Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
	AllowedIssuanceModes *IssuanceModes `pulumi:"allowedIssuanceModes"`
	// Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
	AllowedKeyTypes []AllowedKeyType `pulumi:"allowedKeyTypes"`
	// Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
	BaselineValues *X509Parameters `pulumi:"baselineValues"`
	// Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
	IdentityConstraints *CertificateIdentityConstraints `pulumi:"identityConstraints"`
	// Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
	MaximumLifetime *string `pulumi:"maximumLifetime"`
	// Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
	PassthroughExtensions *CertificateExtensionConstraints `pulumi:"passthroughExtensions"`
}

Defines controls over all certificate issuance within a CaPool.

type IssuancePolicyArgs 

type IssuancePolicyArgs struct {
	// Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
	AllowedIssuanceModes IssuanceModesPtrInput `pulumi:"allowedIssuanceModes"`
	// Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
	AllowedKeyTypes AllowedKeyTypeArrayInput `pulumi:"allowedKeyTypes"`
	// Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
	BaselineValues X509ParametersPtrInput `pulumi:"baselineValues"`
	// Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
	IdentityConstraints CertificateIdentityConstraintsPtrInput `pulumi:"identityConstraints"`
	// Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
	MaximumLifetime pulumi.StringPtrInput `pulumi:"maximumLifetime"`
	// Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
	PassthroughExtensions CertificateExtensionConstraintsPtrInput `pulumi:"passthroughExtensions"`
}

Defines controls over all certificate issuance within a CaPool.

func (IssuancePolicyArgs) ElementType 

func (IssuancePolicyArgs) ElementType() reflect.Type

func (IssuancePolicyArgs) ToIssuancePolicyOutput 

func (i IssuancePolicyArgs) ToIssuancePolicyOutput() IssuancePolicyOutput

func (IssuancePolicyArgs) ToIssuancePolicyOutputWithContext 

func (i IssuancePolicyArgs) ToIssuancePolicyOutputWithContext(ctx context.Context) IssuancePolicyOutput

func (IssuancePolicyArgs) ToIssuancePolicyPtrOutput 

func (i IssuancePolicyArgs) ToIssuancePolicyPtrOutput() IssuancePolicyPtrOutput

func (IssuancePolicyArgs) ToIssuancePolicyPtrOutputWithContext 

func (i IssuancePolicyArgs) ToIssuancePolicyPtrOutputWithContext(ctx context.Context) IssuancePolicyPtrOutput

type IssuancePolicyInput 

type IssuancePolicyInput interface {
	pulumi.Input

	ToIssuancePolicyOutput() IssuancePolicyOutput
	ToIssuancePolicyOutputWithContext(context.Context) IssuancePolicyOutput
}

IssuancePolicyInput is an input type that accepts IssuancePolicyArgs and IssuancePolicyOutput values. You can construct a concrete instance of `IssuancePolicyInput` via: 

IssuancePolicyArgs{...}

type IssuancePolicyOutput 

type IssuancePolicyOutput struct{ *pulumi.OutputState }

Defines controls over all certificate issuance within a CaPool.

func (IssuancePolicyOutput) AllowedIssuanceModes 

func (o IssuancePolicyOutput) AllowedIssuanceModes() IssuanceModesPtrOutput

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

func (IssuancePolicyOutput) AllowedKeyTypes 

func (o IssuancePolicyOutput) AllowedKeyTypes() AllowedKeyTypeArrayOutput

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

func (IssuancePolicyOutput) BaselineValues 

func (o IssuancePolicyOutput) BaselineValues() X509ParametersPtrOutput

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

func (IssuancePolicyOutput) ElementType 

func (IssuancePolicyOutput) ElementType() reflect.Type

func (IssuancePolicyOutput) IdentityConstraints 

func (o IssuancePolicyOutput) IdentityConstraints() CertificateIdentityConstraintsPtrOutput

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

func (IssuancePolicyOutput) MaximumLifetime 

func (o IssuancePolicyOutput) MaximumLifetime() pulumi.StringPtrOutput

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

func (IssuancePolicyOutput) PassthroughExtensions 

func (o IssuancePolicyOutput) PassthroughExtensions() CertificateExtensionConstraintsPtrOutput

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

func (IssuancePolicyOutput) ToIssuancePolicyOutput 

func (o IssuancePolicyOutput) ToIssuancePolicyOutput() IssuancePolicyOutput

func (IssuancePolicyOutput) ToIssuancePolicyOutputWithContext 

func (o IssuancePolicyOutput) ToIssuancePolicyOutputWithContext(ctx context.Context) IssuancePolicyOutput

func (IssuancePolicyOutput) ToIssuancePolicyPtrOutput 

func (o IssuancePolicyOutput) ToIssuancePolicyPtrOutput() IssuancePolicyPtrOutput

func (IssuancePolicyOutput) ToIssuancePolicyPtrOutputWithContext 

func (o IssuancePolicyOutput) ToIssuancePolicyPtrOutputWithContext(ctx context.Context) IssuancePolicyPtrOutput

type IssuancePolicyPtrInput 

type IssuancePolicyPtrInput interface {
	pulumi.Input

	ToIssuancePolicyPtrOutput() IssuancePolicyPtrOutput
	ToIssuancePolicyPtrOutputWithContext(context.Context) IssuancePolicyPtrOutput
}

IssuancePolicyPtrInput is an input type that accepts IssuancePolicyArgs, IssuancePolicyPtr and IssuancePolicyPtrOutput values. You can construct a concrete instance of `IssuancePolicyPtrInput` via: 

        IssuancePolicyArgs{...}

or:

        nil

func IssuancePolicyPtr 

func IssuancePolicyPtr(v *IssuancePolicyArgs) IssuancePolicyPtrInput

type IssuancePolicyPtrOutput 

type IssuancePolicyPtrOutput struct{ *pulumi.OutputState }

func (IssuancePolicyPtrOutput) AllowedIssuanceModes 

func (o IssuancePolicyPtrOutput) AllowedIssuanceModes() IssuanceModesPtrOutput

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

func (IssuancePolicyPtrOutput) AllowedKeyTypes 

func (o IssuancePolicyPtrOutput) AllowedKeyTypes() AllowedKeyTypeArrayOutput

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

func (IssuancePolicyPtrOutput) BaselineValues 

func (o IssuancePolicyPtrOutput) BaselineValues() X509ParametersPtrOutput

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

func (IssuancePolicyPtrOutput) Elem 

func (o IssuancePolicyPtrOutput) Elem() IssuancePolicyOutput

func (IssuancePolicyPtrOutput) ElementType 

func (IssuancePolicyPtrOutput) ElementType() reflect.Type

func (IssuancePolicyPtrOutput) IdentityConstraints 

func (o IssuancePolicyPtrOutput) IdentityConstraints() CertificateIdentityConstraintsPtrOutput

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

func (IssuancePolicyPtrOutput) MaximumLifetime 

func (o IssuancePolicyPtrOutput) MaximumLifetime() pulumi.StringPtrOutput

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

func (IssuancePolicyPtrOutput) PassthroughExtensions 

func (o IssuancePolicyPtrOutput) PassthroughExtensions() CertificateExtensionConstraintsPtrOutput

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

func (IssuancePolicyPtrOutput) ToIssuancePolicyPtrOutput 

func (o IssuancePolicyPtrOutput) ToIssuancePolicyPtrOutput() IssuancePolicyPtrOutput

func (IssuancePolicyPtrOutput) ToIssuancePolicyPtrOutputWithContext 

func (o IssuancePolicyPtrOutput) ToIssuancePolicyPtrOutputWithContext(ctx context.Context) IssuancePolicyPtrOutput

type IssuancePolicyResponse 

type IssuancePolicyResponse struct {
	// Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.
	AllowedIssuanceModes IssuanceModesResponse `pulumi:"allowedIssuanceModes"`
	// Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
	AllowedKeyTypes []AllowedKeyTypeResponse `pulumi:"allowedKeyTypes"`
	// Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
	BaselineValues X509ParametersResponse `pulumi:"baselineValues"`
	// Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.
	IdentityConstraints CertificateIdentityConstraintsResponse `pulumi:"identityConstraints"`
	// Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
	MaximumLifetime string `pulumi:"maximumLifetime"`
	// Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.
	PassthroughExtensions CertificateExtensionConstraintsResponse `pulumi:"passthroughExtensions"`
}

Defines controls over all certificate issuance within a CaPool.

type IssuancePolicyResponseOutput 

type IssuancePolicyResponseOutput struct{ *pulumi.OutputState }

Defines controls over all certificate issuance within a CaPool.

func (IssuancePolicyResponseOutput) AllowedIssuanceModes 

func (o IssuancePolicyResponseOutput) AllowedIssuanceModes() IssuanceModesResponseOutput

Optional. If specified, then only methods allowed in the IssuanceModes may be used to issue Certificates.

func (IssuancePolicyResponseOutput) AllowedKeyTypes 

func (o IssuancePolicyResponseOutput) AllowedKeyTypes() AllowedKeyTypeResponseArrayOutput

Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.

func (IssuancePolicyResponseOutput) BaselineValues 

func (o IssuancePolicyResponseOutput) BaselineValues() X509ParametersResponseOutput

Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.

func (IssuancePolicyResponseOutput) ElementType 

func (IssuancePolicyResponseOutput) ElementType() reflect.Type

func (IssuancePolicyResponseOutput) IdentityConstraints 

func (o IssuancePolicyResponseOutput) IdentityConstraints() CertificateIdentityConstraintsResponseOutput

Optional. Describes constraints on identities that may appear in Certificates issued through this CaPool. If this is omitted, then this CaPool will not add restrictions on a certificate's identity.

func (IssuancePolicyResponseOutput) MaximumLifetime 

func (o IssuancePolicyResponseOutput) MaximumLifetime() pulumi.StringOutput

Optional. The maximum lifetime allowed for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

func (IssuancePolicyResponseOutput) PassthroughExtensions 

func (o IssuancePolicyResponseOutput) PassthroughExtensions() CertificateExtensionConstraintsResponseOutput

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued through this CaPool. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If a certificate request uses a CertificateTemplate with predefined_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this CaPool will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CaPool's baseline_values.

func (IssuancePolicyResponseOutput) ToIssuancePolicyResponseOutput 

func (o IssuancePolicyResponseOutput) ToIssuancePolicyResponseOutput() IssuancePolicyResponseOutput

func (IssuancePolicyResponseOutput) ToIssuancePolicyResponseOutputWithContext 

func (o IssuancePolicyResponseOutput) ToIssuancePolicyResponseOutputWithContext(ctx context.Context) IssuancePolicyResponseOutput

type KeyIdResponse 

type KeyIdResponse struct {
	// Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.
	KeyId string `pulumi:"keyId"`
}

A KeyId identifies a specific public key, usually by hashing the public key.

type KeyIdResponseOutput 

type KeyIdResponseOutput struct{ *pulumi.OutputState }

A KeyId identifies a specific public key, usually by hashing the public key.

func (KeyIdResponseOutput) ElementType 

func (KeyIdResponseOutput) ElementType() reflect.Type

func (KeyIdResponseOutput) KeyId 

func (o KeyIdResponseOutput) KeyId() pulumi.StringOutput

Optional. The value of this KeyId encoded in lowercase hexadecimal. This is most likely the 160 bit SHA-1 hash of the public key.

func (KeyIdResponseOutput) ToKeyIdResponseOutput 

func (o KeyIdResponseOutput) ToKeyIdResponseOutput() KeyIdResponseOutput

func (KeyIdResponseOutput) ToKeyIdResponseOutputWithContext 

func (o KeyIdResponseOutput) ToKeyIdResponseOutputWithContext(ctx context.Context) KeyIdResponseOutput

type KeyUsage 

type KeyUsage struct {
	// Describes high-level ways in which a key may be used.
	BaseKeyUsage *KeyUsageOptions `pulumi:"baseKeyUsage"`
	// Detailed scenarios in which a key may be used.
	ExtendedKeyUsage *ExtendedKeyUsageOptions `pulumi:"extendedKeyUsage"`
	// Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
	UnknownExtendedKeyUsages []ObjectId `pulumi:"unknownExtendedKeyUsages"`
}

A KeyUsage describes key usage values that may appear in an X.509 certificate.

type KeyUsageArgs 

type KeyUsageArgs struct {
	// Describes high-level ways in which a key may be used.
	BaseKeyUsage KeyUsageOptionsPtrInput `pulumi:"baseKeyUsage"`
	// Detailed scenarios in which a key may be used.
	ExtendedKeyUsage ExtendedKeyUsageOptionsPtrInput `pulumi:"extendedKeyUsage"`
	// Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
	UnknownExtendedKeyUsages ObjectIdArrayInput `pulumi:"unknownExtendedKeyUsages"`
}

A KeyUsage describes key usage values that may appear in an X.509 certificate.

func (KeyUsageArgs) ElementType 

func (KeyUsageArgs) ElementType() reflect.Type

func (KeyUsageArgs) ToKeyUsageOutput 

func (i KeyUsageArgs) ToKeyUsageOutput() KeyUsageOutput

func (KeyUsageArgs) ToKeyUsageOutputWithContext 

func (i KeyUsageArgs) ToKeyUsageOutputWithContext(ctx context.Context) KeyUsageOutput

func (KeyUsageArgs) ToKeyUsagePtrOutput 

func (i KeyUsageArgs) ToKeyUsagePtrOutput() KeyUsagePtrOutput

func (KeyUsageArgs) ToKeyUsagePtrOutputWithContext 

func (i KeyUsageArgs) ToKeyUsagePtrOutputWithContext(ctx context.Context) KeyUsagePtrOutput

type KeyUsageInput 

type KeyUsageInput interface {
	pulumi.Input

	ToKeyUsageOutput() KeyUsageOutput
	ToKeyUsageOutputWithContext(context.Context) KeyUsageOutput
}

KeyUsageInput is an input type that accepts KeyUsageArgs and KeyUsageOutput values. You can construct a concrete instance of `KeyUsageInput` via: 

KeyUsageArgs{...}

type KeyUsageOptions 

type KeyUsageOptions struct {
	// The key may be used to sign certificates.
	CertSign *bool `pulumi:"certSign"`
	// The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
	ContentCommitment *bool `pulumi:"contentCommitment"`
	// The key may be used sign certificate revocation lists.
	CrlSign *bool `pulumi:"crlSign"`
	// The key may be used to encipher data.
	DataEncipherment *bool `pulumi:"dataEncipherment"`
	// The key may be used to decipher only.
	DecipherOnly *bool `pulumi:"decipherOnly"`
	// The key may be used for digital signatures.
	DigitalSignature *bool `pulumi:"digitalSignature"`
	// The key may be used to encipher only.
	EncipherOnly *bool `pulumi:"encipherOnly"`
	// The key may be used in a key agreement protocol.
	KeyAgreement *bool `pulumi:"keyAgreement"`
	// The key may be used to encipher other keys.
	KeyEncipherment *bool `pulumi:"keyEncipherment"`
}

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

type KeyUsageOptionsArgs 

type KeyUsageOptionsArgs struct {
	// The key may be used to sign certificates.
	CertSign pulumi.BoolPtrInput `pulumi:"certSign"`
	// The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
	ContentCommitment pulumi.BoolPtrInput `pulumi:"contentCommitment"`
	// The key may be used sign certificate revocation lists.
	CrlSign pulumi.BoolPtrInput `pulumi:"crlSign"`
	// The key may be used to encipher data.
	DataEncipherment pulumi.BoolPtrInput `pulumi:"dataEncipherment"`
	// The key may be used to decipher only.
	DecipherOnly pulumi.BoolPtrInput `pulumi:"decipherOnly"`
	// The key may be used for digital signatures.
	DigitalSignature pulumi.BoolPtrInput `pulumi:"digitalSignature"`
	// The key may be used to encipher only.
	EncipherOnly pulumi.BoolPtrInput `pulumi:"encipherOnly"`
	// The key may be used in a key agreement protocol.
	KeyAgreement pulumi.BoolPtrInput `pulumi:"keyAgreement"`
	// The key may be used to encipher other keys.
	KeyEncipherment pulumi.BoolPtrInput `pulumi:"keyEncipherment"`
}

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

func (KeyUsageOptionsArgs) ElementType 

func (KeyUsageOptionsArgs) ElementType() reflect.Type

func (KeyUsageOptionsArgs) ToKeyUsageOptionsOutput 

func (i KeyUsageOptionsArgs) ToKeyUsageOptionsOutput() KeyUsageOptionsOutput

func (KeyUsageOptionsArgs) ToKeyUsageOptionsOutputWithContext 

func (i KeyUsageOptionsArgs) ToKeyUsageOptionsOutputWithContext(ctx context.Context) KeyUsageOptionsOutput

func (KeyUsageOptionsArgs) ToKeyUsageOptionsPtrOutput 

func (i KeyUsageOptionsArgs) ToKeyUsageOptionsPtrOutput() KeyUsageOptionsPtrOutput

func (KeyUsageOptionsArgs) ToKeyUsageOptionsPtrOutputWithContext 

func (i KeyUsageOptionsArgs) ToKeyUsageOptionsPtrOutputWithContext(ctx context.Context) KeyUsageOptionsPtrOutput

type KeyUsageOptionsInput 

type KeyUsageOptionsInput interface {
	pulumi.Input

	ToKeyUsageOptionsOutput() KeyUsageOptionsOutput
	ToKeyUsageOptionsOutputWithContext(context.Context) KeyUsageOptionsOutput
}

KeyUsageOptionsInput is an input type that accepts KeyUsageOptionsArgs and KeyUsageOptionsOutput values. You can construct a concrete instance of `KeyUsageOptionsInput` via: 

KeyUsageOptionsArgs{...}

type KeyUsageOptionsOutput 

type KeyUsageOptionsOutput struct{ *pulumi.OutputState }

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

func (KeyUsageOptionsOutput) CertSign 

func (o KeyUsageOptionsOutput) CertSign() pulumi.BoolPtrOutput

The key may be used to sign certificates.

func (KeyUsageOptionsOutput) ContentCommitment 

func (o KeyUsageOptionsOutput) ContentCommitment() pulumi.BoolPtrOutput

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

func (KeyUsageOptionsOutput) CrlSign 

func (o KeyUsageOptionsOutput) CrlSign() pulumi.BoolPtrOutput

The key may be used sign certificate revocation lists.

func (KeyUsageOptionsOutput) DataEncipherment 

func (o KeyUsageOptionsOutput) DataEncipherment() pulumi.BoolPtrOutput

The key may be used to encipher data.

func (KeyUsageOptionsOutput) DecipherOnly 

func (o KeyUsageOptionsOutput) DecipherOnly() pulumi.BoolPtrOutput

The key may be used to decipher only.

func (KeyUsageOptionsOutput) DigitalSignature 

func (o KeyUsageOptionsOutput) DigitalSignature() pulumi.BoolPtrOutput

The key may be used for digital signatures.

func (KeyUsageOptionsOutput) ElementType 

func (KeyUsageOptionsOutput) ElementType() reflect.Type

func (KeyUsageOptionsOutput) EncipherOnly 

func (o KeyUsageOptionsOutput) EncipherOnly() pulumi.BoolPtrOutput

The key may be used to encipher only.

func (KeyUsageOptionsOutput) KeyAgreement 

func (o KeyUsageOptionsOutput) KeyAgreement() pulumi.BoolPtrOutput

The key may be used in a key agreement protocol.

func (KeyUsageOptionsOutput) KeyEncipherment 

func (o KeyUsageOptionsOutput) KeyEncipherment() pulumi.BoolPtrOutput

The key may be used to encipher other keys.

func (KeyUsageOptionsOutput) ToKeyUsageOptionsOutput 

func (o KeyUsageOptionsOutput) ToKeyUsageOptionsOutput() KeyUsageOptionsOutput

func (KeyUsageOptionsOutput) ToKeyUsageOptionsOutputWithContext 

func (o KeyUsageOptionsOutput) ToKeyUsageOptionsOutputWithContext(ctx context.Context) KeyUsageOptionsOutput

func (KeyUsageOptionsOutput) ToKeyUsageOptionsPtrOutput 

func (o KeyUsageOptionsOutput) ToKeyUsageOptionsPtrOutput() KeyUsageOptionsPtrOutput

func (KeyUsageOptionsOutput) ToKeyUsageOptionsPtrOutputWithContext 

func (o KeyUsageOptionsOutput) ToKeyUsageOptionsPtrOutputWithContext(ctx context.Context) KeyUsageOptionsPtrOutput

type KeyUsageOptionsPtrInput 

type KeyUsageOptionsPtrInput interface {
	pulumi.Input

	ToKeyUsageOptionsPtrOutput() KeyUsageOptionsPtrOutput
	ToKeyUsageOptionsPtrOutputWithContext(context.Context) KeyUsageOptionsPtrOutput
}

KeyUsageOptionsPtrInput is an input type that accepts KeyUsageOptionsArgs, KeyUsageOptionsPtr and KeyUsageOptionsPtrOutput values. You can construct a concrete instance of `KeyUsageOptionsPtrInput` via: 

        KeyUsageOptionsArgs{...}

or:

        nil

func KeyUsageOptionsPtr 

func KeyUsageOptionsPtr(v *KeyUsageOptionsArgs) KeyUsageOptionsPtrInput

type KeyUsageOptionsPtrOutput 

type KeyUsageOptionsPtrOutput struct{ *pulumi.OutputState }

func (KeyUsageOptionsPtrOutput) CertSign 

func (o KeyUsageOptionsPtrOutput) CertSign() pulumi.BoolPtrOutput

The key may be used to sign certificates.

func (KeyUsageOptionsPtrOutput) ContentCommitment 

func (o KeyUsageOptionsPtrOutput) ContentCommitment() pulumi.BoolPtrOutput

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

func (KeyUsageOptionsPtrOutput) CrlSign 

func (o KeyUsageOptionsPtrOutput) CrlSign() pulumi.BoolPtrOutput

The key may be used sign certificate revocation lists.

func (KeyUsageOptionsPtrOutput) DataEncipherment 

func (o KeyUsageOptionsPtrOutput) DataEncipherment() pulumi.BoolPtrOutput

The key may be used to encipher data.

func (KeyUsageOptionsPtrOutput) DecipherOnly 

func (o KeyUsageOptionsPtrOutput) DecipherOnly() pulumi.BoolPtrOutput

The key may be used to decipher only.

func (KeyUsageOptionsPtrOutput) DigitalSignature 

func (o KeyUsageOptionsPtrOutput) DigitalSignature() pulumi.BoolPtrOutput

The key may be used for digital signatures.

func (KeyUsageOptionsPtrOutput) Elem 

func (o KeyUsageOptionsPtrOutput) Elem() KeyUsageOptionsOutput

func (KeyUsageOptionsPtrOutput) ElementType 

func (KeyUsageOptionsPtrOutput) ElementType() reflect.Type

func (KeyUsageOptionsPtrOutput) EncipherOnly 

func (o KeyUsageOptionsPtrOutput) EncipherOnly() pulumi.BoolPtrOutput

The key may be used to encipher only.

func (KeyUsageOptionsPtrOutput) KeyAgreement 

func (o KeyUsageOptionsPtrOutput) KeyAgreement() pulumi.BoolPtrOutput

The key may be used in a key agreement protocol.

func (KeyUsageOptionsPtrOutput) KeyEncipherment 

func (o KeyUsageOptionsPtrOutput) KeyEncipherment() pulumi.BoolPtrOutput

The key may be used to encipher other keys.

func (KeyUsageOptionsPtrOutput) ToKeyUsageOptionsPtrOutput 

func (o KeyUsageOptionsPtrOutput) ToKeyUsageOptionsPtrOutput() KeyUsageOptionsPtrOutput

func (KeyUsageOptionsPtrOutput) ToKeyUsageOptionsPtrOutputWithContext 

func (o KeyUsageOptionsPtrOutput) ToKeyUsageOptionsPtrOutputWithContext(ctx context.Context) KeyUsageOptionsPtrOutput

type KeyUsageOptionsResponse 

type KeyUsageOptionsResponse struct {
	// The key may be used to sign certificates.
	CertSign bool `pulumi:"certSign"`
	// The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
	ContentCommitment bool `pulumi:"contentCommitment"`
	// The key may be used sign certificate revocation lists.
	CrlSign bool `pulumi:"crlSign"`
	// The key may be used to encipher data.
	DataEncipherment bool `pulumi:"dataEncipherment"`
	// The key may be used to decipher only.
	DecipherOnly bool `pulumi:"decipherOnly"`
	// The key may be used for digital signatures.
	DigitalSignature bool `pulumi:"digitalSignature"`
	// The key may be used to encipher only.
	EncipherOnly bool `pulumi:"encipherOnly"`
	// The key may be used in a key agreement protocol.
	KeyAgreement bool `pulumi:"keyAgreement"`
	// The key may be used to encipher other keys.
	KeyEncipherment bool `pulumi:"keyEncipherment"`
}

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

type KeyUsageOptionsResponseOutput 

type KeyUsageOptionsResponseOutput struct{ *pulumi.OutputState }

KeyUsage.KeyUsageOptions corresponds to the key usage values described in https://tools.ietf.org/html/rfc5280#section-4.2.1.3.

func (KeyUsageOptionsResponseOutput) CertSign 

func (o KeyUsageOptionsResponseOutput) CertSign() pulumi.BoolOutput

The key may be used to sign certificates.

func (KeyUsageOptionsResponseOutput) ContentCommitment 

func (o KeyUsageOptionsResponseOutput) ContentCommitment() pulumi.BoolOutput

The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".

func (KeyUsageOptionsResponseOutput) CrlSign 

func (o KeyUsageOptionsResponseOutput) CrlSign() pulumi.BoolOutput

The key may be used sign certificate revocation lists.

func (KeyUsageOptionsResponseOutput) DataEncipherment 

func (o KeyUsageOptionsResponseOutput) DataEncipherment() pulumi.BoolOutput

The key may be used to encipher data.

func (KeyUsageOptionsResponseOutput) DecipherOnly 

func (o KeyUsageOptionsResponseOutput) DecipherOnly() pulumi.BoolOutput

The key may be used to decipher only.

func (KeyUsageOptionsResponseOutput) DigitalSignature 

func (o KeyUsageOptionsResponseOutput) DigitalSignature() pulumi.BoolOutput

The key may be used for digital signatures.

func (KeyUsageOptionsResponseOutput) ElementType 

func (KeyUsageOptionsResponseOutput) ElementType() reflect.Type

func (KeyUsageOptionsResponseOutput) EncipherOnly 

func (o KeyUsageOptionsResponseOutput) EncipherOnly() pulumi.BoolOutput

The key may be used to encipher only.

func (KeyUsageOptionsResponseOutput) KeyAgreement 

func (o KeyUsageOptionsResponseOutput) KeyAgreement() pulumi.BoolOutput

The key may be used in a key agreement protocol.

func (KeyUsageOptionsResponseOutput) KeyEncipherment 

func (o KeyUsageOptionsResponseOutput) KeyEncipherment() pulumi.BoolOutput

The key may be used to encipher other keys.

func (KeyUsageOptionsResponseOutput) ToKeyUsageOptionsResponseOutput 

func (o KeyUsageOptionsResponseOutput) ToKeyUsageOptionsResponseOutput() KeyUsageOptionsResponseOutput

func (KeyUsageOptionsResponseOutput) ToKeyUsageOptionsResponseOutputWithContext 

func (o KeyUsageOptionsResponseOutput) ToKeyUsageOptionsResponseOutputWithContext(ctx context.Context) KeyUsageOptionsResponseOutput

type KeyUsageOutput 

type KeyUsageOutput struct{ *pulumi.OutputState }

A KeyUsage describes key usage values that may appear in an X.509 certificate.

func (KeyUsageOutput) BaseKeyUsage 

func (o KeyUsageOutput) BaseKeyUsage() KeyUsageOptionsPtrOutput

Describes high-level ways in which a key may be used.

func (KeyUsageOutput) ElementType 

func (KeyUsageOutput) ElementType() reflect.Type

func (KeyUsageOutput) ExtendedKeyUsage 

func (o KeyUsageOutput) ExtendedKeyUsage() ExtendedKeyUsageOptionsPtrOutput

Detailed scenarios in which a key may be used.

func (KeyUsageOutput) ToKeyUsageOutput 

func (o KeyUsageOutput) ToKeyUsageOutput() KeyUsageOutput

func (KeyUsageOutput) ToKeyUsageOutputWithContext 

func (o KeyUsageOutput) ToKeyUsageOutputWithContext(ctx context.Context) KeyUsageOutput

func (KeyUsageOutput) ToKeyUsagePtrOutput 

func (o KeyUsageOutput) ToKeyUsagePtrOutput() KeyUsagePtrOutput

func (KeyUsageOutput) ToKeyUsagePtrOutputWithContext 

func (o KeyUsageOutput) ToKeyUsagePtrOutputWithContext(ctx context.Context) KeyUsagePtrOutput

func (KeyUsageOutput) UnknownExtendedKeyUsages 

func (o KeyUsageOutput) UnknownExtendedKeyUsages() ObjectIdArrayOutput

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

type KeyUsagePtrInput 

type KeyUsagePtrInput interface {
	pulumi.Input

	ToKeyUsagePtrOutput() KeyUsagePtrOutput
	ToKeyUsagePtrOutputWithContext(context.Context) KeyUsagePtrOutput
}

KeyUsagePtrInput is an input type that accepts KeyUsageArgs, KeyUsagePtr and KeyUsagePtrOutput values. You can construct a concrete instance of `KeyUsagePtrInput` via: 

        KeyUsageArgs{...}

or:

        nil

func KeyUsagePtr 

func KeyUsagePtr(v *KeyUsageArgs) KeyUsagePtrInput

type KeyUsagePtrOutput 

type KeyUsagePtrOutput struct{ *pulumi.OutputState }

func (KeyUsagePtrOutput) BaseKeyUsage 

func (o KeyUsagePtrOutput) BaseKeyUsage() KeyUsageOptionsPtrOutput

Describes high-level ways in which a key may be used.

func (KeyUsagePtrOutput) Elem 

func (o KeyUsagePtrOutput) Elem() KeyUsageOutput

func (KeyUsagePtrOutput) ElementType 

func (KeyUsagePtrOutput) ElementType() reflect.Type

func (KeyUsagePtrOutput) ExtendedKeyUsage 

func (o KeyUsagePtrOutput) ExtendedKeyUsage() ExtendedKeyUsageOptionsPtrOutput

Detailed scenarios in which a key may be used.

func (KeyUsagePtrOutput) ToKeyUsagePtrOutput 

func (o KeyUsagePtrOutput) ToKeyUsagePtrOutput() KeyUsagePtrOutput

func (KeyUsagePtrOutput) ToKeyUsagePtrOutputWithContext 

func (o KeyUsagePtrOutput) ToKeyUsagePtrOutputWithContext(ctx context.Context) KeyUsagePtrOutput

func (KeyUsagePtrOutput) UnknownExtendedKeyUsages 

func (o KeyUsagePtrOutput) UnknownExtendedKeyUsages() ObjectIdArrayOutput

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

type KeyUsageResponse 

type KeyUsageResponse struct {
	// Describes high-level ways in which a key may be used.
	BaseKeyUsage KeyUsageOptionsResponse `pulumi:"baseKeyUsage"`
	// Detailed scenarios in which a key may be used.
	ExtendedKeyUsage ExtendedKeyUsageOptionsResponse `pulumi:"extendedKeyUsage"`
	// Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.
	UnknownExtendedKeyUsages []ObjectIdResponse `pulumi:"unknownExtendedKeyUsages"`
}

A KeyUsage describes key usage values that may appear in an X.509 certificate.

type KeyUsageResponseOutput 

type KeyUsageResponseOutput struct{ *pulumi.OutputState }

A KeyUsage describes key usage values that may appear in an X.509 certificate.

func (KeyUsageResponseOutput) BaseKeyUsage 

func (o KeyUsageResponseOutput) BaseKeyUsage() KeyUsageOptionsResponseOutput

Describes high-level ways in which a key may be used.

func (KeyUsageResponseOutput) ElementType 

func (KeyUsageResponseOutput) ElementType() reflect.Type

func (KeyUsageResponseOutput) ExtendedKeyUsage 

func (o KeyUsageResponseOutput) ExtendedKeyUsage() ExtendedKeyUsageOptionsResponseOutput

Detailed scenarios in which a key may be used.

func (KeyUsageResponseOutput) ToKeyUsageResponseOutput 

func (o KeyUsageResponseOutput) ToKeyUsageResponseOutput() KeyUsageResponseOutput

func (KeyUsageResponseOutput) ToKeyUsageResponseOutputWithContext 

func (o KeyUsageResponseOutput) ToKeyUsageResponseOutputWithContext(ctx context.Context) KeyUsageResponseOutput

func (KeyUsageResponseOutput) UnknownExtendedKeyUsages 

func (o KeyUsageResponseOutput) UnknownExtendedKeyUsages() ObjectIdResponseArrayOutput

Used to describe extended key usages that are not listed in the KeyUsage.ExtendedKeyUsageOptions message.

type KeyVersionSpec 

type KeyVersionSpec struct {
	// The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
	Algorithm *KeyVersionSpecAlgorithm `pulumi:"algorithm"`
	// The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
	CloudKmsKeyVersion *string `pulumi:"cloudKmsKeyVersion"`
}

A Cloud KMS key configuration that a CertificateAuthority will use.

type KeyVersionSpecAlgorithm 

type KeyVersionSpecAlgorithm string

The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.

func (KeyVersionSpecAlgorithm) ElementType 

func (KeyVersionSpecAlgorithm) ElementType() reflect.Type

func (KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmOutput added in v0.6.0 

func (e KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmOutput() KeyVersionSpecAlgorithmOutput

func (KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmOutputWithContext added in v0.6.0 

func (e KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmOutputWithContext(ctx context.Context) KeyVersionSpecAlgorithmOutput

func (KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmPtrOutput added in v0.6.0 

func (e KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmPtrOutput() KeyVersionSpecAlgorithmPtrOutput

func (KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmPtrOutputWithContext added in v0.6.0 

func (e KeyVersionSpecAlgorithm) ToKeyVersionSpecAlgorithmPtrOutputWithContext(ctx context.Context) KeyVersionSpecAlgorithmPtrOutput

func (KeyVersionSpecAlgorithm) ToStringOutput 

func (e KeyVersionSpecAlgorithm) ToStringOutput() pulumi.StringOutput

func (KeyVersionSpecAlgorithm) ToStringOutputWithContext 

func (e KeyVersionSpecAlgorithm) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (KeyVersionSpecAlgorithm) ToStringPtrOutput 

func (e KeyVersionSpecAlgorithm) ToStringPtrOutput() pulumi.StringPtrOutput

func (KeyVersionSpecAlgorithm) ToStringPtrOutputWithContext 

func (e KeyVersionSpecAlgorithm) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type KeyVersionSpecAlgorithmInput added in v0.6.0 

type KeyVersionSpecAlgorithmInput interface {
	pulumi.Input

	ToKeyVersionSpecAlgorithmOutput() KeyVersionSpecAlgorithmOutput
	ToKeyVersionSpecAlgorithmOutputWithContext(context.Context) KeyVersionSpecAlgorithmOutput
}

KeyVersionSpecAlgorithmInput is an input type that accepts KeyVersionSpecAlgorithmArgs and KeyVersionSpecAlgorithmOutput values. You can construct a concrete instance of `KeyVersionSpecAlgorithmInput` via: 

KeyVersionSpecAlgorithmArgs{...}

type KeyVersionSpecAlgorithmOutput added in v0.6.0 

type KeyVersionSpecAlgorithmOutput struct{ *pulumi.OutputState }

func (KeyVersionSpecAlgorithmOutput) ElementType added in v0.6.0 

func (KeyVersionSpecAlgorithmOutput) ElementType() reflect.Type

func (KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmOutput added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmOutput() KeyVersionSpecAlgorithmOutput

func (KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmOutputWithContext added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmOutputWithContext(ctx context.Context) KeyVersionSpecAlgorithmOutput

func (KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmPtrOutput added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmPtrOutput() KeyVersionSpecAlgorithmPtrOutput

func (KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmPtrOutputWithContext added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToKeyVersionSpecAlgorithmPtrOutputWithContext(ctx context.Context) KeyVersionSpecAlgorithmPtrOutput

func (KeyVersionSpecAlgorithmOutput) ToStringOutput added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToStringOutput() pulumi.StringOutput

func (KeyVersionSpecAlgorithmOutput) ToStringOutputWithContext added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (KeyVersionSpecAlgorithmOutput) ToStringPtrOutput added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (KeyVersionSpecAlgorithmOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o KeyVersionSpecAlgorithmOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type KeyVersionSpecAlgorithmPtrInput added in v0.6.0 

type KeyVersionSpecAlgorithmPtrInput interface {
	pulumi.Input

	ToKeyVersionSpecAlgorithmPtrOutput() KeyVersionSpecAlgorithmPtrOutput
	ToKeyVersionSpecAlgorithmPtrOutputWithContext(context.Context) KeyVersionSpecAlgorithmPtrOutput
}

func KeyVersionSpecAlgorithmPtr added in v0.6.0 

func KeyVersionSpecAlgorithmPtr(v string) KeyVersionSpecAlgorithmPtrInput

type KeyVersionSpecAlgorithmPtrOutput added in v0.6.0 

type KeyVersionSpecAlgorithmPtrOutput struct{ *pulumi.OutputState }

func (KeyVersionSpecAlgorithmPtrOutput) Elem added in v0.6.0 

func (o KeyVersionSpecAlgorithmPtrOutput) Elem() KeyVersionSpecAlgorithmOutput

func (KeyVersionSpecAlgorithmPtrOutput) ElementType added in v0.6.0 

func (KeyVersionSpecAlgorithmPtrOutput) ElementType() reflect.Type

func (KeyVersionSpecAlgorithmPtrOutput) ToKeyVersionSpecAlgorithmPtrOutput added in v0.6.0 

func (o KeyVersionSpecAlgorithmPtrOutput) ToKeyVersionSpecAlgorithmPtrOutput() KeyVersionSpecAlgorithmPtrOutput

func (KeyVersionSpecAlgorithmPtrOutput) ToKeyVersionSpecAlgorithmPtrOutputWithContext added in v0.6.0 

func (o KeyVersionSpecAlgorithmPtrOutput) ToKeyVersionSpecAlgorithmPtrOutputWithContext(ctx context.Context) KeyVersionSpecAlgorithmPtrOutput

func (KeyVersionSpecAlgorithmPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o KeyVersionSpecAlgorithmPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (KeyVersionSpecAlgorithmPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o KeyVersionSpecAlgorithmPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type KeyVersionSpecArgs 

type KeyVersionSpecArgs struct {
	// The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
	Algorithm KeyVersionSpecAlgorithmPtrInput `pulumi:"algorithm"`
	// The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
	CloudKmsKeyVersion pulumi.StringPtrInput `pulumi:"cloudKmsKeyVersion"`
}

A Cloud KMS key configuration that a CertificateAuthority will use.

func (KeyVersionSpecArgs) ElementType 

func (KeyVersionSpecArgs) ElementType() reflect.Type

func (KeyVersionSpecArgs) ToKeyVersionSpecOutput 

func (i KeyVersionSpecArgs) ToKeyVersionSpecOutput() KeyVersionSpecOutput

func (KeyVersionSpecArgs) ToKeyVersionSpecOutputWithContext 

func (i KeyVersionSpecArgs) ToKeyVersionSpecOutputWithContext(ctx context.Context) KeyVersionSpecOutput

type KeyVersionSpecInput 

type KeyVersionSpecInput interface {
	pulumi.Input

	ToKeyVersionSpecOutput() KeyVersionSpecOutput
	ToKeyVersionSpecOutputWithContext(context.Context) KeyVersionSpecOutput
}

KeyVersionSpecInput is an input type that accepts KeyVersionSpecArgs and KeyVersionSpecOutput values. You can construct a concrete instance of `KeyVersionSpecInput` via: 

KeyVersionSpecArgs{...}

type KeyVersionSpecOutput 

type KeyVersionSpecOutput struct{ *pulumi.OutputState }

A Cloud KMS key configuration that a CertificateAuthority will use.

func (KeyVersionSpecOutput) Algorithm 

func (o KeyVersionSpecOutput) Algorithm() KeyVersionSpecAlgorithmPtrOutput

The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.

func (KeyVersionSpecOutput) CloudKmsKeyVersion 

func (o KeyVersionSpecOutput) CloudKmsKeyVersion() pulumi.StringPtrOutput

The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.

func (KeyVersionSpecOutput) ElementType 

func (KeyVersionSpecOutput) ElementType() reflect.Type

func (KeyVersionSpecOutput) ToKeyVersionSpecOutput 

func (o KeyVersionSpecOutput) ToKeyVersionSpecOutput() KeyVersionSpecOutput

func (KeyVersionSpecOutput) ToKeyVersionSpecOutputWithContext 

func (o KeyVersionSpecOutput) ToKeyVersionSpecOutputWithContext(ctx context.Context) KeyVersionSpecOutput

type KeyVersionSpecResponse 

type KeyVersionSpecResponse struct {
	// The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.
	Algorithm string `pulumi:"algorithm"`
	// The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.
	CloudKmsKeyVersion string `pulumi:"cloudKmsKeyVersion"`
}

A Cloud KMS key configuration that a CertificateAuthority will use.

type KeyVersionSpecResponseOutput 

type KeyVersionSpecResponseOutput struct{ *pulumi.OutputState }

A Cloud KMS key configuration that a CertificateAuthority will use.

func (KeyVersionSpecResponseOutput) Algorithm 

func (o KeyVersionSpecResponseOutput) Algorithm() pulumi.StringOutput

The algorithm to use for creating a managed Cloud KMS key for a for a simplified experience. All managed keys will be have their ProtectionLevel as `HSM`.

func (KeyVersionSpecResponseOutput) CloudKmsKeyVersion 

func (o KeyVersionSpecResponseOutput) CloudKmsKeyVersion() pulumi.StringOutput

The resource name for an existing Cloud KMS CryptoKeyVersion in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. This option enables full flexibility in the key's capabilities and properties.

func (KeyVersionSpecResponseOutput) ElementType 

func (KeyVersionSpecResponseOutput) ElementType() reflect.Type

func (KeyVersionSpecResponseOutput) ToKeyVersionSpecResponseOutput 

func (o KeyVersionSpecResponseOutput) ToKeyVersionSpecResponseOutput() KeyVersionSpecResponseOutput

func (KeyVersionSpecResponseOutput) ToKeyVersionSpecResponseOutputWithContext 

func (o KeyVersionSpecResponseOutput) ToKeyVersionSpecResponseOutputWithContext(ctx context.Context) KeyVersionSpecResponseOutput

type LookupCaPoolArgs 

type LookupCaPoolArgs struct {
	CaPoolId string  `pulumi:"caPoolId"`
	Location string  `pulumi:"location"`
	Project  *string `pulumi:"project"`
}

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs 

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs struct {
	CaPoolId                      string  `pulumi:"caPoolId"`
	CertificateAuthorityId        string  `pulumi:"certificateAuthorityId"`
	CertificateRevocationListId   string  `pulumi:"certificateRevocationListId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputArgs added in v0.8.0 

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputArgs struct {
	CaPoolId                      pulumi.StringInput    `pulumi:"caPoolId"`
	CertificateAuthorityId        pulumi.StringInput    `pulumi:"certificateAuthorityId"`
	CertificateRevocationListId   pulumi.StringInput    `pulumi:"certificateRevocationListId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputArgs) ElementType added in v0.8.0 

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputArgs) ElementType() reflect.Type

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResult 

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicy 

func LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicy(ctx *pulumi.Context, args *LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput added in v0.8.0 

type LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput added in v0.8.0 

func LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutput(ctx *pulumi.Context, args LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) AuditConfigs added in v0.8.0 

func (o LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) Bindings added in v0.8.0 

func (o LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) ElementType added in v0.8.0 

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) ElementType() reflect.Type

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) Etag added in v0.8.0 

func (o LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) ToLookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput added in v0.8.0 

func (o LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) ToLookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput() LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) ToLookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutputWithContext added in v0.8.0 

func (o LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) ToLookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutputWithContext(ctx context.Context) LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput

func (LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) Version added in v0.8.0 

func (o LookupCaPoolCertificateAuthorityCertificateRevocationListIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupCaPoolIamPolicyArgs 

type LookupCaPoolIamPolicyArgs struct {
	CaPoolId                      string  `pulumi:"caPoolId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupCaPoolIamPolicyOutputArgs added in v0.8.0 

type LookupCaPoolIamPolicyOutputArgs struct {
	CaPoolId                      pulumi.StringInput    `pulumi:"caPoolId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCaPoolIamPolicyOutputArgs) ElementType added in v0.8.0 

func (LookupCaPoolIamPolicyOutputArgs) ElementType() reflect.Type

type LookupCaPoolIamPolicyResult 

type LookupCaPoolIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupCaPoolIamPolicy 

func LookupCaPoolIamPolicy(ctx *pulumi.Context, args *LookupCaPoolIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupCaPoolIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupCaPoolIamPolicyResultOutput added in v0.8.0 

type LookupCaPoolIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupCaPoolIamPolicyOutput added in v0.8.0 

func LookupCaPoolIamPolicyOutput(ctx *pulumi.Context, args LookupCaPoolIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupCaPoolIamPolicyResultOutput

func (LookupCaPoolIamPolicyResultOutput) AuditConfigs added in v0.8.0 

func (o LookupCaPoolIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupCaPoolIamPolicyResultOutput) Bindings added in v0.8.0 

func (o LookupCaPoolIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupCaPoolIamPolicyResultOutput) ElementType added in v0.8.0 

func (LookupCaPoolIamPolicyResultOutput) ElementType() reflect.Type

func (LookupCaPoolIamPolicyResultOutput) Etag added in v0.8.0 

func (o LookupCaPoolIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupCaPoolIamPolicyResultOutput) ToLookupCaPoolIamPolicyResultOutput added in v0.8.0 

func (o LookupCaPoolIamPolicyResultOutput) ToLookupCaPoolIamPolicyResultOutput() LookupCaPoolIamPolicyResultOutput

func (LookupCaPoolIamPolicyResultOutput) ToLookupCaPoolIamPolicyResultOutputWithContext added in v0.8.0 

func (o LookupCaPoolIamPolicyResultOutput) ToLookupCaPoolIamPolicyResultOutputWithContext(ctx context.Context) LookupCaPoolIamPolicyResultOutput

func (LookupCaPoolIamPolicyResultOutput) Version added in v0.8.0 

func (o LookupCaPoolIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupCaPoolOutputArgs added in v0.8.0 

type LookupCaPoolOutputArgs struct {
	CaPoolId pulumi.StringInput    `pulumi:"caPoolId"`
	Location pulumi.StringInput    `pulumi:"location"`
	Project  pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCaPoolOutputArgs) ElementType added in v0.8.0 

func (LookupCaPoolOutputArgs) ElementType() reflect.Type

type LookupCaPoolResult 

type LookupCaPoolResult struct {
	// Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.
	IssuancePolicy IssuancePolicyResponse `pulumi:"issuancePolicy"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `pulumi:"labels"`
	// The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.
	Name string `pulumi:"name"`
	// Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.
	PublishingOptions PublishingOptionsResponse `pulumi:"publishingOptions"`
	// Immutable. The Tier of this CaPool.
	Tier string `pulumi:"tier"`
}

func LookupCaPool 

func LookupCaPool(ctx *pulumi.Context, args *LookupCaPoolArgs, opts ...pulumi.InvokeOption) (*LookupCaPoolResult, error)

Returns a CaPool.

type LookupCaPoolResultOutput added in v0.8.0 

type LookupCaPoolResultOutput struct{ *pulumi.OutputState }

func LookupCaPoolOutput added in v0.8.0 

func LookupCaPoolOutput(ctx *pulumi.Context, args LookupCaPoolOutputArgs, opts ...pulumi.InvokeOption) LookupCaPoolResultOutput

func (LookupCaPoolResultOutput) ElementType added in v0.8.0 

func (LookupCaPoolResultOutput) ElementType() reflect.Type

func (LookupCaPoolResultOutput) IssuancePolicy added in v0.8.0 

func (o LookupCaPoolResultOutput) IssuancePolicy() IssuancePolicyResponseOutput

Optional. The IssuancePolicy to control how Certificates will be issued from this CaPool.

func (LookupCaPoolResultOutput) Labels added in v0.8.0 

func (o LookupCaPoolResultOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (LookupCaPoolResultOutput) Name added in v0.8.0 

func (o LookupCaPoolResultOutput) Name() pulumi.StringOutput

The resource name for this CaPool in the format `projects/*/locations/*/caPools/*`.

func (LookupCaPoolResultOutput) PublishingOptions added in v0.8.0 

func (o LookupCaPoolResultOutput) PublishingOptions() PublishingOptionsResponseOutput

Optional. The PublishingOptions to follow when issuing Certificates from any CertificateAuthority in this CaPool.

func (LookupCaPoolResultOutput) Tier added in v0.8.0 

func (o LookupCaPoolResultOutput) Tier() pulumi.StringOutput

Immutable. The Tier of this CaPool.

func (LookupCaPoolResultOutput) ToLookupCaPoolResultOutput added in v0.8.0 

func (o LookupCaPoolResultOutput) ToLookupCaPoolResultOutput() LookupCaPoolResultOutput

func (LookupCaPoolResultOutput) ToLookupCaPoolResultOutputWithContext added in v0.8.0 

func (o LookupCaPoolResultOutput) ToLookupCaPoolResultOutputWithContext(ctx context.Context) LookupCaPoolResultOutput

type LookupCertificateArgs 

type LookupCertificateArgs struct {
	CaPoolId      string  `pulumi:"caPoolId"`
	CertificateId string  `pulumi:"certificateId"`
	Location      string  `pulumi:"location"`
	Project       *string `pulumi:"project"`
}

type LookupCertificateAuthorityArgs 

type LookupCertificateAuthorityArgs struct {
	CaPoolId               string  `pulumi:"caPoolId"`
	CertificateAuthorityId string  `pulumi:"certificateAuthorityId"`
	Location               string  `pulumi:"location"`
	Project                *string `pulumi:"project"`
}

type LookupCertificateAuthorityOutputArgs added in v0.8.0 

type LookupCertificateAuthorityOutputArgs struct {
	CaPoolId               pulumi.StringInput    `pulumi:"caPoolId"`
	CertificateAuthorityId pulumi.StringInput    `pulumi:"certificateAuthorityId"`
	Location               pulumi.StringInput    `pulumi:"location"`
	Project                pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCertificateAuthorityOutputArgs) ElementType added in v0.8.0 

func (LookupCertificateAuthorityOutputArgs) ElementType() reflect.Type

type LookupCertificateAuthorityResult 

type LookupCertificateAuthorityResult struct {
	// URLs for accessing content published by this CA, such as the CA certificate and CRLs.
	AccessUrls AccessUrlsResponse `pulumi:"accessUrls"`
	// A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.
	CaCertificateDescriptions []CertificateDescriptionResponse `pulumi:"caCertificateDescriptions"`
	// Immutable. The config used to create a self-signed X.509 certificate or CSR.
	Config CertificateConfigResponse `pulumi:"config"`
	// The time at which this CertificateAuthority was created.
	CreateTime string `pulumi:"createTime"`
	// The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.
	DeleteTime string `pulumi:"deleteTime"`
	// The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.
	ExpireTime string `pulumi:"expireTime"`
	// Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.
	GcsBucket string `pulumi:"gcsBucket"`
	// Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.
	KeySpec KeyVersionSpecResponse `pulumi:"keySpec"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `pulumi:"labels"`
	// Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.
	Lifetime string `pulumi:"lifetime"`
	// The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	Name string `pulumi:"name"`
	// This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.
	PemCaCertificates []string `pulumi:"pemCaCertificates"`
	// The State for this CertificateAuthority.
	State string `pulumi:"state"`
	// Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.
	SubordinateConfig SubordinateConfigResponse `pulumi:"subordinateConfig"`
	// The CaPool.Tier of the CaPool that includes this CertificateAuthority.
	Tier string `pulumi:"tier"`
	// Immutable. The Type of this CertificateAuthority.
	Type string `pulumi:"type"`
	// The time at which this CertificateAuthority was last updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupCertificateAuthority 

func LookupCertificateAuthority(ctx *pulumi.Context, args *LookupCertificateAuthorityArgs, opts ...pulumi.InvokeOption) (*LookupCertificateAuthorityResult, error)

Returns a CertificateAuthority.

type LookupCertificateAuthorityResultOutput added in v0.8.0 

type LookupCertificateAuthorityResultOutput struct{ *pulumi.OutputState }

func LookupCertificateAuthorityOutput added in v0.8.0 

func LookupCertificateAuthorityOutput(ctx *pulumi.Context, args LookupCertificateAuthorityOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) AccessUrls added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) AccessUrls() AccessUrlsResponseOutput

URLs for accessing content published by this CA, such as the CA certificate and CRLs.

func (LookupCertificateAuthorityResultOutput) CaCertificateDescriptions added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) CaCertificateDescriptions() CertificateDescriptionResponseArrayOutput

A structured description of this CertificateAuthority's CA certificate and its issuers. Ordered as self-to-root.

func (LookupCertificateAuthorityResultOutput) Config added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) Config() CertificateConfigResponseOutput

Immutable. The config used to create a self-signed X.509 certificate or CSR.

func (LookupCertificateAuthorityResultOutput) CreateTime added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) CreateTime() pulumi.StringOutput

The time at which this CertificateAuthority was created.

func (LookupCertificateAuthorityResultOutput) DeleteTime added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) DeleteTime() pulumi.StringOutput

The time at which this CertificateAuthority was soft deleted, if it is in the DELETED state.

func (LookupCertificateAuthorityResultOutput) ElementType added in v0.8.0 

func (LookupCertificateAuthorityResultOutput) ElementType() reflect.Type

func (LookupCertificateAuthorityResultOutput) ExpireTime added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) ExpireTime() pulumi.StringOutput

The time at which this CertificateAuthority will be permanently purged, if it is in the DELETED state.

func (LookupCertificateAuthorityResultOutput) GcsBucket added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) GcsBucket() pulumi.StringOutput

Immutable. The name of a Cloud Storage bucket where this CertificateAuthority will publish content, such as the CA certificate and CRLs. This must be a bucket name, without any prefixes (such as `gs://`) or suffixes (such as `.googleapis.com`). For example, to use a bucket named `my-bucket`, you would simply specify `my-bucket`. If not specified, a managed bucket will be created.

func (LookupCertificateAuthorityResultOutput) KeySpec added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) KeySpec() KeyVersionSpecResponseOutput

Immutable. Used when issuing certificates for this CertificateAuthority. If this CertificateAuthority is a self-signed CertificateAuthority, this key is also used to sign the self-signed CA certificate. Otherwise, it is used to sign a CSR.

func (LookupCertificateAuthorityResultOutput) Labels added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (LookupCertificateAuthorityResultOutput) Lifetime added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) Lifetime() pulumi.StringOutput

Immutable. The desired lifetime of the CA certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate.

func (LookupCertificateAuthorityResultOutput) Name added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) Name() pulumi.StringOutput

The resource name for this CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (LookupCertificateAuthorityResultOutput) PemCaCertificates added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) PemCaCertificates() pulumi.StringArrayOutput

This CertificateAuthority's certificate chain, including the current CertificateAuthority's certificate. Ordered such that the root issuer is the final element (consistent with RFC 5246). For a self-signed CA, this will only list the current CertificateAuthority's certificate.

func (LookupCertificateAuthorityResultOutput) State added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) State() pulumi.StringOutput

The State for this CertificateAuthority.

func (LookupCertificateAuthorityResultOutput) SubordinateConfig added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) SubordinateConfig() SubordinateConfigResponseOutput

Optional. If this is a subordinate CertificateAuthority, this field will be set with the subordinate configuration, which describes its issuers. This may be updated, but this CertificateAuthority must continue to validate.

func (LookupCertificateAuthorityResultOutput) Tier added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) Tier() pulumi.StringOutput

The CaPool.Tier of the CaPool that includes this CertificateAuthority.

func (LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutput() LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) ToLookupCertificateAuthorityResultOutputWithContext(ctx context.Context) LookupCertificateAuthorityResultOutput

func (LookupCertificateAuthorityResultOutput) Type added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) Type() pulumi.StringOutput

Immutable. The Type of this CertificateAuthority.

func (LookupCertificateAuthorityResultOutput) UpdateTime added in v0.8.0 

func (o LookupCertificateAuthorityResultOutput) UpdateTime() pulumi.StringOutput

The time at which this CertificateAuthority was last updated.

type LookupCertificateOutputArgs added in v0.8.0 

type LookupCertificateOutputArgs struct {
	CaPoolId      pulumi.StringInput    `pulumi:"caPoolId"`
	CertificateId pulumi.StringInput    `pulumi:"certificateId"`
	Location      pulumi.StringInput    `pulumi:"location"`
	Project       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCertificateOutputArgs) ElementType added in v0.8.0 

func (LookupCertificateOutputArgs) ElementType() reflect.Type

type LookupCertificateResult 

type LookupCertificateResult struct {
	// A structured description of the issued X.509 certificate.
	CertificateDescription CertificateDescriptionResponse `pulumi:"certificateDescription"`
	// Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.
	CertificateTemplate string `pulumi:"certificateTemplate"`
	// Immutable. A description of the certificate and key that does not require X.509 or ASN.1.
	Config CertificateConfigResponse `pulumi:"config"`
	// The time at which this Certificate was created.
	CreateTime string `pulumi:"createTime"`
	// The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	IssuerCertificateAuthority string `pulumi:"issuerCertificateAuthority"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `pulumi:"labels"`
	// Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.
	Lifetime string `pulumi:"lifetime"`
	// The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.
	Name string `pulumi:"name"`
	// The pem-encoded, signed X.509 certificate.
	PemCertificate string `pulumi:"pemCertificate"`
	// The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.
	PemCertificateChain []string `pulumi:"pemCertificateChain"`
	// Immutable. A pem-encoded X.509 certificate signing request (CSR).
	PemCsr string `pulumi:"pemCsr"`
	// Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.
	RevocationDetails RevocationDetailsResponse `pulumi:"revocationDetails"`
	// Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.
	SubjectMode string `pulumi:"subjectMode"`
	// The time at which this Certificate was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupCertificate 

func LookupCertificate(ctx *pulumi.Context, args *LookupCertificateArgs, opts ...pulumi.InvokeOption) (*LookupCertificateResult, error)

Returns a Certificate.

type LookupCertificateResultOutput added in v0.8.0 

type LookupCertificateResultOutput struct{ *pulumi.OutputState }

func LookupCertificateOutput added in v0.8.0 

func LookupCertificateOutput(ctx *pulumi.Context, args LookupCertificateOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateResultOutput

func (LookupCertificateResultOutput) CertificateDescription added in v0.8.0 

func (o LookupCertificateResultOutput) CertificateDescription() CertificateDescriptionResponseOutput

A structured description of the issued X.509 certificate.

func (LookupCertificateResultOutput) CertificateTemplate added in v0.8.0 

func (o LookupCertificateResultOutput) CertificateTemplate() pulumi.StringOutput

Immutable. The resource name for a CertificateTemplate used to issue this certificate, in the format `projects/*/locations/*/certificateTemplates/*`. If this is specified, the caller must have the necessary permission to use this template. If this is omitted, no template will be used. This template must be in the same location as the Certificate.

func (LookupCertificateResultOutput) Config added in v0.8.0 

func (o LookupCertificateResultOutput) Config() CertificateConfigResponseOutput

Immutable. A description of the certificate and key that does not require X.509 or ASN.1.

func (LookupCertificateResultOutput) CreateTime added in v0.8.0 

func (o LookupCertificateResultOutput) CreateTime() pulumi.StringOutput

The time at which this Certificate was created.

func (LookupCertificateResultOutput) ElementType added in v0.8.0 

func (LookupCertificateResultOutput) ElementType() reflect.Type

func (LookupCertificateResultOutput) IssuerCertificateAuthority added in v0.8.0 

func (o LookupCertificateResultOutput) IssuerCertificateAuthority() pulumi.StringOutput

The resource name of the issuing CertificateAuthority in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (LookupCertificateResultOutput) Labels added in v0.8.0 

func (o LookupCertificateResultOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (LookupCertificateResultOutput) Lifetime added in v0.8.0 

func (o LookupCertificateResultOutput) Lifetime() pulumi.StringOutput

Immutable. The desired lifetime of a certificate. Used to create the "not_before_time" and "not_after_time" fields inside an X.509 certificate. Note that the lifetime may be truncated if it would extend past the life of any certificate authority in the issuing chain.

func (LookupCertificateResultOutput) Name added in v0.8.0 

func (o LookupCertificateResultOutput) Name() pulumi.StringOutput

The resource name for this Certificate in the format `projects/*/locations/*/caPools/*/certificates/*`.

func (LookupCertificateResultOutput) PemCertificate added in v0.8.0 

func (o LookupCertificateResultOutput) PemCertificate() pulumi.StringOutput

The pem-encoded, signed X.509 certificate.

func (LookupCertificateResultOutput) PemCertificateChain added in v0.8.0 

func (o LookupCertificateResultOutput) PemCertificateChain() pulumi.StringArrayOutput

The chain that may be used to verify the X.509 certificate. Expected to be in issuer-to-root order according to RFC 5246.

func (LookupCertificateResultOutput) PemCsr added in v0.8.0 

func (o LookupCertificateResultOutput) PemCsr() pulumi.StringOutput

Immutable. A pem-encoded X.509 certificate signing request (CSR).

func (LookupCertificateResultOutput) RevocationDetails added in v0.8.0 

func (o LookupCertificateResultOutput) RevocationDetails() RevocationDetailsResponseOutput

Details regarding the revocation of this Certificate. This Certificate is considered revoked if and only if this field is present.

func (LookupCertificateResultOutput) SubjectMode added in v0.8.0 

func (o LookupCertificateResultOutput) SubjectMode() pulumi.StringOutput

Immutable. Specifies how the Certificate's identity fields are to be decided. If this is omitted, the `DEFAULT` subject mode will be used.

func (LookupCertificateResultOutput) ToLookupCertificateResultOutput added in v0.8.0 

func (o LookupCertificateResultOutput) ToLookupCertificateResultOutput() LookupCertificateResultOutput

func (LookupCertificateResultOutput) ToLookupCertificateResultOutputWithContext added in v0.8.0 

func (o LookupCertificateResultOutput) ToLookupCertificateResultOutputWithContext(ctx context.Context) LookupCertificateResultOutput

func (LookupCertificateResultOutput) UpdateTime added in v0.8.0 

func (o LookupCertificateResultOutput) UpdateTime() pulumi.StringOutput

The time at which this Certificate was updated.

type LookupCertificateTemplateArgs 

type LookupCertificateTemplateArgs struct {
	CertificateTemplateId string  `pulumi:"certificateTemplateId"`
	Location              string  `pulumi:"location"`
	Project               *string `pulumi:"project"`
}

type LookupCertificateTemplateIamPolicyArgs 

type LookupCertificateTemplateIamPolicyArgs struct {
	CertificateTemplateId         string  `pulumi:"certificateTemplateId"`
	Location                      string  `pulumi:"location"`
	OptionsRequestedPolicyVersion *int    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       *string `pulumi:"project"`
}

type LookupCertificateTemplateIamPolicyOutputArgs added in v0.8.0 

type LookupCertificateTemplateIamPolicyOutputArgs struct {
	CertificateTemplateId         pulumi.StringInput    `pulumi:"certificateTemplateId"`
	Location                      pulumi.StringInput    `pulumi:"location"`
	OptionsRequestedPolicyVersion pulumi.IntPtrInput    `pulumi:"optionsRequestedPolicyVersion"`
	Project                       pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCertificateTemplateIamPolicyOutputArgs) ElementType added in v0.8.0 

func (LookupCertificateTemplateIamPolicyOutputArgs) ElementType() reflect.Type

type LookupCertificateTemplateIamPolicyResult 

type LookupCertificateTemplateIamPolicyResult struct {
	// Specifies cloud audit logging configuration for this policy.
	AuditConfigs []AuditConfigResponse `pulumi:"auditConfigs"`
	// Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.
	Bindings []BindingResponse `pulumi:"bindings"`
	// `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.
	Etag string `pulumi:"etag"`
	// Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).
	Version int `pulumi:"version"`
}

func LookupCertificateTemplateIamPolicy 

func LookupCertificateTemplateIamPolicy(ctx *pulumi.Context, args *LookupCertificateTemplateIamPolicyArgs, opts ...pulumi.InvokeOption) (*LookupCertificateTemplateIamPolicyResult, error)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

type LookupCertificateTemplateIamPolicyResultOutput added in v0.8.0 

type LookupCertificateTemplateIamPolicyResultOutput struct{ *pulumi.OutputState }

func LookupCertificateTemplateIamPolicyOutput added in v0.8.0 

func LookupCertificateTemplateIamPolicyOutput(ctx *pulumi.Context, args LookupCertificateTemplateIamPolicyOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateTemplateIamPolicyResultOutput

func (LookupCertificateTemplateIamPolicyResultOutput) AuditConfigs added in v0.8.0 

func (o LookupCertificateTemplateIamPolicyResultOutput) AuditConfigs() AuditConfigResponseArrayOutput

Specifies cloud audit logging configuration for this policy.

func (LookupCertificateTemplateIamPolicyResultOutput) Bindings added in v0.8.0 

func (o LookupCertificateTemplateIamPolicyResultOutput) Bindings() BindingResponseArrayOutput

Associates a list of `members`, or principals, with a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one principal. The `bindings` in a `Policy` can refer to up to 1,500 principals; up to 250 of these principals can be Google groups. Each occurrence of a principal counts towards these limits. For example, if the `bindings` grant 50 different roles to `user:alice@example.com`, and not to any other principal, then you can add another 1,450 principals to the `bindings` in the `Policy`.

func (LookupCertificateTemplateIamPolicyResultOutput) ElementType added in v0.8.0 

func (LookupCertificateTemplateIamPolicyResultOutput) ElementType() reflect.Type

func (LookupCertificateTemplateIamPolicyResultOutput) Etag added in v0.8.0 

func (o LookupCertificateTemplateIamPolicyResultOutput) Etag() pulumi.StringOutput

`etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost.

func (LookupCertificateTemplateIamPolicyResultOutput) ToLookupCertificateTemplateIamPolicyResultOutput added in v0.8.0 

func (o LookupCertificateTemplateIamPolicyResultOutput) ToLookupCertificateTemplateIamPolicyResultOutput() LookupCertificateTemplateIamPolicyResultOutput

func (LookupCertificateTemplateIamPolicyResultOutput) ToLookupCertificateTemplateIamPolicyResultOutputWithContext added in v0.8.0 

func (o LookupCertificateTemplateIamPolicyResultOutput) ToLookupCertificateTemplateIamPolicyResultOutputWithContext(ctx context.Context) LookupCertificateTemplateIamPolicyResultOutput

func (LookupCertificateTemplateIamPolicyResultOutput) Version added in v0.8.0 

func (o LookupCertificateTemplateIamPolicyResultOutput) Version() pulumi.IntOutput

Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies).

type LookupCertificateTemplateOutputArgs added in v0.8.0 

type LookupCertificateTemplateOutputArgs struct {
	CertificateTemplateId pulumi.StringInput    `pulumi:"certificateTemplateId"`
	Location              pulumi.StringInput    `pulumi:"location"`
	Project               pulumi.StringPtrInput `pulumi:"project"`
}

func (LookupCertificateTemplateOutputArgs) ElementType added in v0.8.0 

func (LookupCertificateTemplateOutputArgs) ElementType() reflect.Type

type LookupCertificateTemplateResult 

type LookupCertificateTemplateResult struct {
	// The time at which this CertificateTemplate was created.
	CreateTime string `pulumi:"createTime"`
	// Optional. A human-readable description of scenarios this template is intended for.
	Description string `pulumi:"description"`
	// Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
	IdentityConstraints CertificateIdentityConstraintsResponse `pulumi:"identityConstraints"`
	// Optional. Labels with user-defined metadata.
	Labels map[string]string `pulumi:"labels"`
	// Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
	MaximumLifetime string `pulumi:"maximumLifetime"`
	// The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
	Name string `pulumi:"name"`
	// Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
	PassthroughExtensions CertificateExtensionConstraintsResponse `pulumi:"passthroughExtensions"`
	// Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
	PredefinedValues X509ParametersResponse `pulumi:"predefinedValues"`
	// The time at which this CertificateTemplate was updated.
	UpdateTime string `pulumi:"updateTime"`
}

func LookupCertificateTemplate 

func LookupCertificateTemplate(ctx *pulumi.Context, args *LookupCertificateTemplateArgs, opts ...pulumi.InvokeOption) (*LookupCertificateTemplateResult, error)

Returns a CertificateTemplate.

type LookupCertificateTemplateResultOutput added in v0.8.0 

type LookupCertificateTemplateResultOutput struct{ *pulumi.OutputState }

func LookupCertificateTemplateOutput added in v0.8.0 

func LookupCertificateTemplateOutput(ctx *pulumi.Context, args LookupCertificateTemplateOutputArgs, opts ...pulumi.InvokeOption) LookupCertificateTemplateResultOutput

func (LookupCertificateTemplateResultOutput) CreateTime added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) CreateTime() pulumi.StringOutput

The time at which this CertificateTemplate was created.

func (LookupCertificateTemplateResultOutput) Description added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) Description() pulumi.StringOutput

Optional. A human-readable description of scenarios this template is intended for.

func (LookupCertificateTemplateResultOutput) ElementType added in v0.8.0 

func (LookupCertificateTemplateResultOutput) ElementType() reflect.Type

func (LookupCertificateTemplateResultOutput) IdentityConstraints added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) IdentityConstraints() CertificateIdentityConstraintsResponseOutput

Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.

func (LookupCertificateTemplateResultOutput) Labels added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) Labels() pulumi.StringMapOutput

Optional. Labels with user-defined metadata.

func (LookupCertificateTemplateResultOutput) MaximumLifetime added in v0.32.0 

func (o LookupCertificateTemplateResultOutput) MaximumLifetime() pulumi.StringOutput

Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.

func (LookupCertificateTemplateResultOutput) Name added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) Name() pulumi.StringOutput

The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.

func (LookupCertificateTemplateResultOutput) PassthroughExtensions added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) PassthroughExtensions() CertificateExtensionConstraintsResponseOutput

Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.

func (LookupCertificateTemplateResultOutput) PredefinedValues added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) PredefinedValues() X509ParametersResponseOutput

Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.

func (LookupCertificateTemplateResultOutput) ToLookupCertificateTemplateResultOutput added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) ToLookupCertificateTemplateResultOutput() LookupCertificateTemplateResultOutput

func (LookupCertificateTemplateResultOutput) ToLookupCertificateTemplateResultOutputWithContext added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) ToLookupCertificateTemplateResultOutputWithContext(ctx context.Context) LookupCertificateTemplateResultOutput

func (LookupCertificateTemplateResultOutput) UpdateTime added in v0.8.0 

func (o LookupCertificateTemplateResultOutput) UpdateTime() pulumi.StringOutput

The time at which this CertificateTemplate was updated.

type NameConstraints added in v0.29.0 

type NameConstraints struct {
	// Indicates whether or not the name constraints are marked critical.
	Critical *bool `pulumi:"critical"`
	// Contains excluded DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.
	ExcludedDnsNames []string `pulumi:"excludedDnsNames"`
	// Contains the excluded email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.
	ExcludedEmailAddresses []string `pulumi:"excludedEmailAddresses"`
	// Contains the excluded IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.
	ExcludedIpRanges []string `pulumi:"excludedIpRanges"`
	// Contains the excluded URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)
	ExcludedUris []string `pulumi:"excludedUris"`
	// Contains permitted DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.
	PermittedDnsNames []string `pulumi:"permittedDnsNames"`
	// Contains the permitted email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.
	PermittedEmailAddresses []string `pulumi:"permittedEmailAddresses"`
	// Contains the permitted IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.
	PermittedIpRanges []string `pulumi:"permittedIpRanges"`
	// Contains the permitted URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)
	PermittedUris []string `pulumi:"permittedUris"`
}

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

type NameConstraintsArgs added in v0.29.0 

type NameConstraintsArgs struct {
	// Indicates whether or not the name constraints are marked critical.
	Critical pulumi.BoolPtrInput `pulumi:"critical"`
	// Contains excluded DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.
	ExcludedDnsNames pulumi.StringArrayInput `pulumi:"excludedDnsNames"`
	// Contains the excluded email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.
	ExcludedEmailAddresses pulumi.StringArrayInput `pulumi:"excludedEmailAddresses"`
	// Contains the excluded IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.
	ExcludedIpRanges pulumi.StringArrayInput `pulumi:"excludedIpRanges"`
	// Contains the excluded URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)
	ExcludedUris pulumi.StringArrayInput `pulumi:"excludedUris"`
	// Contains permitted DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.
	PermittedDnsNames pulumi.StringArrayInput `pulumi:"permittedDnsNames"`
	// Contains the permitted email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.
	PermittedEmailAddresses pulumi.StringArrayInput `pulumi:"permittedEmailAddresses"`
	// Contains the permitted IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.
	PermittedIpRanges pulumi.StringArrayInput `pulumi:"permittedIpRanges"`
	// Contains the permitted URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)
	PermittedUris pulumi.StringArrayInput `pulumi:"permittedUris"`
}

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

func (NameConstraintsArgs) ElementType added in v0.29.0 

func (NameConstraintsArgs) ElementType() reflect.Type

func (NameConstraintsArgs) ToNameConstraintsOutput added in v0.29.0 

func (i NameConstraintsArgs) ToNameConstraintsOutput() NameConstraintsOutput

func (NameConstraintsArgs) ToNameConstraintsOutputWithContext added in v0.29.0 

func (i NameConstraintsArgs) ToNameConstraintsOutputWithContext(ctx context.Context) NameConstraintsOutput

func (NameConstraintsArgs) ToNameConstraintsPtrOutput added in v0.29.0 

func (i NameConstraintsArgs) ToNameConstraintsPtrOutput() NameConstraintsPtrOutput

func (NameConstraintsArgs) ToNameConstraintsPtrOutputWithContext added in v0.29.0 

func (i NameConstraintsArgs) ToNameConstraintsPtrOutputWithContext(ctx context.Context) NameConstraintsPtrOutput

type NameConstraintsInput added in v0.29.0 

type NameConstraintsInput interface {
	pulumi.Input

	ToNameConstraintsOutput() NameConstraintsOutput
	ToNameConstraintsOutputWithContext(context.Context) NameConstraintsOutput
}

NameConstraintsInput is an input type that accepts NameConstraintsArgs and NameConstraintsOutput values. You can construct a concrete instance of `NameConstraintsInput` via: 

NameConstraintsArgs{...}

type NameConstraintsOutput added in v0.29.0 

type NameConstraintsOutput struct{ *pulumi.OutputState }

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

func (NameConstraintsOutput) Critical added in v0.29.0 

func (o NameConstraintsOutput) Critical() pulumi.BoolPtrOutput

Indicates whether or not the name constraints are marked critical.

func (NameConstraintsOutput) ElementType added in v0.29.0 

func (NameConstraintsOutput) ElementType() reflect.Type

func (NameConstraintsOutput) ExcludedDnsNames added in v0.29.0 

func (o NameConstraintsOutput) ExcludedDnsNames() pulumi.StringArrayOutput

Contains excluded DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.

func (NameConstraintsOutput) ExcludedEmailAddresses added in v0.29.0 

func (o NameConstraintsOutput) ExcludedEmailAddresses() pulumi.StringArrayOutput

Contains the excluded email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.

func (NameConstraintsOutput) ExcludedIpRanges added in v0.29.0 

func (o NameConstraintsOutput) ExcludedIpRanges() pulumi.StringArrayOutput

Contains the excluded IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.

func (NameConstraintsOutput) ExcludedUris added in v0.29.0 

func (o NameConstraintsOutput) ExcludedUris() pulumi.StringArrayOutput

Contains the excluded URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)

func (NameConstraintsOutput) PermittedDnsNames added in v0.29.0 

func (o NameConstraintsOutput) PermittedDnsNames() pulumi.StringArrayOutput

Contains permitted DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.

func (NameConstraintsOutput) PermittedEmailAddresses added in v0.29.0 

func (o NameConstraintsOutput) PermittedEmailAddresses() pulumi.StringArrayOutput

Contains the permitted email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.

func (NameConstraintsOutput) PermittedIpRanges added in v0.29.0 

func (o NameConstraintsOutput) PermittedIpRanges() pulumi.StringArrayOutput

Contains the permitted IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.

func (NameConstraintsOutput) PermittedUris added in v0.29.0 

func (o NameConstraintsOutput) PermittedUris() pulumi.StringArrayOutput

Contains the permitted URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)

func (NameConstraintsOutput) ToNameConstraintsOutput added in v0.29.0 

func (o NameConstraintsOutput) ToNameConstraintsOutput() NameConstraintsOutput

func (NameConstraintsOutput) ToNameConstraintsOutputWithContext added in v0.29.0 

func (o NameConstraintsOutput) ToNameConstraintsOutputWithContext(ctx context.Context) NameConstraintsOutput

func (NameConstraintsOutput) ToNameConstraintsPtrOutput added in v0.29.0 

func (o NameConstraintsOutput) ToNameConstraintsPtrOutput() NameConstraintsPtrOutput

func (NameConstraintsOutput) ToNameConstraintsPtrOutputWithContext added in v0.29.0 

func (o NameConstraintsOutput) ToNameConstraintsPtrOutputWithContext(ctx context.Context) NameConstraintsPtrOutput

type NameConstraintsPtrInput added in v0.29.0 

type NameConstraintsPtrInput interface {
	pulumi.Input

	ToNameConstraintsPtrOutput() NameConstraintsPtrOutput
	ToNameConstraintsPtrOutputWithContext(context.Context) NameConstraintsPtrOutput
}

NameConstraintsPtrInput is an input type that accepts NameConstraintsArgs, NameConstraintsPtr and NameConstraintsPtrOutput values. You can construct a concrete instance of `NameConstraintsPtrInput` via: 

        NameConstraintsArgs{...}

or:

        nil

func NameConstraintsPtr added in v0.29.0 

func NameConstraintsPtr(v *NameConstraintsArgs) NameConstraintsPtrInput

type NameConstraintsPtrOutput added in v0.29.0 

type NameConstraintsPtrOutput struct{ *pulumi.OutputState }

func (NameConstraintsPtrOutput) Critical added in v0.29.0 

func (o NameConstraintsPtrOutput) Critical() pulumi.BoolPtrOutput

Indicates whether or not the name constraints are marked critical.

func (NameConstraintsPtrOutput) Elem added in v0.29.0 

func (o NameConstraintsPtrOutput) Elem() NameConstraintsOutput

func (NameConstraintsPtrOutput) ElementType added in v0.29.0 

func (NameConstraintsPtrOutput) ElementType() reflect.Type

func (NameConstraintsPtrOutput) ExcludedDnsNames added in v0.29.0 

func (o NameConstraintsPtrOutput) ExcludedDnsNames() pulumi.StringArrayOutput

Contains excluded DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.

func (NameConstraintsPtrOutput) ExcludedEmailAddresses added in v0.29.0 

func (o NameConstraintsPtrOutput) ExcludedEmailAddresses() pulumi.StringArrayOutput

Contains the excluded email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.

func (NameConstraintsPtrOutput) ExcludedIpRanges added in v0.29.0 

func (o NameConstraintsPtrOutput) ExcludedIpRanges() pulumi.StringArrayOutput

Contains the excluded IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.

func (NameConstraintsPtrOutput) ExcludedUris added in v0.29.0 

func (o NameConstraintsPtrOutput) ExcludedUris() pulumi.StringArrayOutput

Contains the excluded URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)

func (NameConstraintsPtrOutput) PermittedDnsNames added in v0.29.0 

func (o NameConstraintsPtrOutput) PermittedDnsNames() pulumi.StringArrayOutput

Contains permitted DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.

func (NameConstraintsPtrOutput) PermittedEmailAddresses added in v0.29.0 

func (o NameConstraintsPtrOutput) PermittedEmailAddresses() pulumi.StringArrayOutput

Contains the permitted email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.

func (NameConstraintsPtrOutput) PermittedIpRanges added in v0.29.0 

func (o NameConstraintsPtrOutput) PermittedIpRanges() pulumi.StringArrayOutput

Contains the permitted IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.

func (NameConstraintsPtrOutput) PermittedUris added in v0.29.0 

func (o NameConstraintsPtrOutput) PermittedUris() pulumi.StringArrayOutput

Contains the permitted URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)

func (NameConstraintsPtrOutput) ToNameConstraintsPtrOutput added in v0.29.0 

func (o NameConstraintsPtrOutput) ToNameConstraintsPtrOutput() NameConstraintsPtrOutput

func (NameConstraintsPtrOutput) ToNameConstraintsPtrOutputWithContext added in v0.29.0 

func (o NameConstraintsPtrOutput) ToNameConstraintsPtrOutputWithContext(ctx context.Context) NameConstraintsPtrOutput

type NameConstraintsResponse added in v0.29.0 

type NameConstraintsResponse struct {
	// Indicates whether or not the name constraints are marked critical.
	Critical bool `pulumi:"critical"`
	// Contains excluded DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.
	ExcludedDnsNames []string `pulumi:"excludedDnsNames"`
	// Contains the excluded email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.
	ExcludedEmailAddresses []string `pulumi:"excludedEmailAddresses"`
	// Contains the excluded IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.
	ExcludedIpRanges []string `pulumi:"excludedIpRanges"`
	// Contains the excluded URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)
	ExcludedUris []string `pulumi:"excludedUris"`
	// Contains permitted DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.
	PermittedDnsNames []string `pulumi:"permittedDnsNames"`
	// Contains the permitted email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.
	PermittedEmailAddresses []string `pulumi:"permittedEmailAddresses"`
	// Contains the permitted IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.
	PermittedIpRanges []string `pulumi:"permittedIpRanges"`
	// Contains the permitted URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)
	PermittedUris []string `pulumi:"permittedUris"`
}

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

type NameConstraintsResponseOutput added in v0.29.0 

type NameConstraintsResponseOutput struct{ *pulumi.OutputState }

Describes the X.509 name constraints extension, per https://tools.ietf.org/html/rfc5280#section-4.2.1.10

func (NameConstraintsResponseOutput) Critical added in v0.29.0 

func (o NameConstraintsResponseOutput) Critical() pulumi.BoolOutput

Indicates whether or not the name constraints are marked critical.

func (NameConstraintsResponseOutput) ElementType added in v0.29.0 

func (NameConstraintsResponseOutput) ElementType() reflect.Type

func (NameConstraintsResponseOutput) ExcludedDnsNames added in v0.29.0 

func (o NameConstraintsResponseOutput) ExcludedDnsNames() pulumi.StringArrayOutput

Contains excluded DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.

func (NameConstraintsResponseOutput) ExcludedEmailAddresses added in v0.29.0 

func (o NameConstraintsResponseOutput) ExcludedEmailAddresses() pulumi.StringArrayOutput

Contains the excluded email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.

func (NameConstraintsResponseOutput) ExcludedIpRanges added in v0.29.0 

func (o NameConstraintsResponseOutput) ExcludedIpRanges() pulumi.StringArrayOutput

Contains the excluded IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.

func (NameConstraintsResponseOutput) ExcludedUris added in v0.29.0 

func (o NameConstraintsResponseOutput) ExcludedUris() pulumi.StringArrayOutput

Contains the excluded URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)

func (NameConstraintsResponseOutput) PermittedDnsNames added in v0.29.0 

func (o NameConstraintsResponseOutput) PermittedDnsNames() pulumi.StringArrayOutput

Contains permitted DNS names. Any DNS name that can be constructed by simply adding zero or more labels to the left-hand side of the name satisfies the name constraint. For example, `example.com`, `www.example.com`, `www.sub.example.com` would satisfy `example.com` while `example1.com` does not.

func (NameConstraintsResponseOutput) PermittedEmailAddresses added in v0.29.0 

func (o NameConstraintsResponseOutput) PermittedEmailAddresses() pulumi.StringArrayOutput

Contains the permitted email addresses. The value can be a particular email address, a hostname to indicate all email addresses on that host or a domain with a leading period (e.g. `.example.com`) to indicate all email addresses in that domain.

func (NameConstraintsResponseOutput) PermittedIpRanges added in v0.29.0 

func (o NameConstraintsResponseOutput) PermittedIpRanges() pulumi.StringArrayOutput

Contains the permitted IP ranges. For IPv4 addresses, the ranges are expressed using CIDR notation as specified in RFC 4632. For IPv6 addresses, the ranges are expressed in similar encoding as IPv4 addresses.

func (NameConstraintsResponseOutput) PermittedUris added in v0.29.0 

func (o NameConstraintsResponseOutput) PermittedUris() pulumi.StringArrayOutput

Contains the permitted URIs that apply to the host part of the name. The value can be a hostname or a domain with a leading period (like `.example.com`)

func (NameConstraintsResponseOutput) ToNameConstraintsResponseOutput added in v0.29.0 

func (o NameConstraintsResponseOutput) ToNameConstraintsResponseOutput() NameConstraintsResponseOutput

func (NameConstraintsResponseOutput) ToNameConstraintsResponseOutputWithContext added in v0.29.0 

func (o NameConstraintsResponseOutput) ToNameConstraintsResponseOutputWithContext(ctx context.Context) NameConstraintsResponseOutput

type ObjectId 

type ObjectId struct {
	// The parts of an OID path. The most significant parts of the path come first.
	ObjectIdPath []int `pulumi:"objectIdPath"`
}

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

type ObjectIdArgs 

type ObjectIdArgs struct {
	// The parts of an OID path. The most significant parts of the path come first.
	ObjectIdPath pulumi.IntArrayInput `pulumi:"objectIdPath"`
}

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

func (ObjectIdArgs) ElementType 

func (ObjectIdArgs) ElementType() reflect.Type

func (ObjectIdArgs) ToObjectIdOutput 

func (i ObjectIdArgs) ToObjectIdOutput() ObjectIdOutput

func (ObjectIdArgs) ToObjectIdOutputWithContext 

func (i ObjectIdArgs) ToObjectIdOutputWithContext(ctx context.Context) ObjectIdOutput

type ObjectIdArray 

type ObjectIdArray []ObjectIdInput

func (ObjectIdArray) ElementType 

func (ObjectIdArray) ElementType() reflect.Type

func (ObjectIdArray) ToObjectIdArrayOutput 

func (i ObjectIdArray) ToObjectIdArrayOutput() ObjectIdArrayOutput

func (ObjectIdArray) ToObjectIdArrayOutputWithContext 

func (i ObjectIdArray) ToObjectIdArrayOutputWithContext(ctx context.Context) ObjectIdArrayOutput

type ObjectIdArrayInput 

type ObjectIdArrayInput interface {
	pulumi.Input

	ToObjectIdArrayOutput() ObjectIdArrayOutput
	ToObjectIdArrayOutputWithContext(context.Context) ObjectIdArrayOutput
}

ObjectIdArrayInput is an input type that accepts ObjectIdArray and ObjectIdArrayOutput values. You can construct a concrete instance of `ObjectIdArrayInput` via: 

ObjectIdArray{ ObjectIdArgs{...} }

type ObjectIdArrayOutput 

type ObjectIdArrayOutput struct{ *pulumi.OutputState }

func (ObjectIdArrayOutput) ElementType 

func (ObjectIdArrayOutput) ElementType() reflect.Type

func (ObjectIdArrayOutput) Index 

func (o ObjectIdArrayOutput) Index(i pulumi.IntInput) ObjectIdOutput

func (ObjectIdArrayOutput) ToObjectIdArrayOutput 

func (o ObjectIdArrayOutput) ToObjectIdArrayOutput() ObjectIdArrayOutput

func (ObjectIdArrayOutput) ToObjectIdArrayOutputWithContext 

func (o ObjectIdArrayOutput) ToObjectIdArrayOutputWithContext(ctx context.Context) ObjectIdArrayOutput

type ObjectIdInput 

type ObjectIdInput interface {
	pulumi.Input

	ToObjectIdOutput() ObjectIdOutput
	ToObjectIdOutputWithContext(context.Context) ObjectIdOutput
}

ObjectIdInput is an input type that accepts ObjectIdArgs and ObjectIdOutput values. You can construct a concrete instance of `ObjectIdInput` via: 

ObjectIdArgs{...}

type ObjectIdOutput 

type ObjectIdOutput struct{ *pulumi.OutputState }

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

func (ObjectIdOutput) ElementType 

func (ObjectIdOutput) ElementType() reflect.Type

func (ObjectIdOutput) ObjectIdPath 

func (o ObjectIdOutput) ObjectIdPath() pulumi.IntArrayOutput

The parts of an OID path. The most significant parts of the path come first.

func (ObjectIdOutput) ToObjectIdOutput 

func (o ObjectIdOutput) ToObjectIdOutput() ObjectIdOutput

func (ObjectIdOutput) ToObjectIdOutputWithContext 

func (o ObjectIdOutput) ToObjectIdOutputWithContext(ctx context.Context) ObjectIdOutput

type ObjectIdResponse 

type ObjectIdResponse struct {
	// The parts of an OID path. The most significant parts of the path come first.
	ObjectIdPath []int `pulumi:"objectIdPath"`
}

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

type ObjectIdResponseArrayOutput 

type ObjectIdResponseArrayOutput struct{ *pulumi.OutputState }

func (ObjectIdResponseArrayOutput) ElementType 

func (ObjectIdResponseArrayOutput) ElementType() reflect.Type

func (ObjectIdResponseArrayOutput) Index 

func (o ObjectIdResponseArrayOutput) Index(i pulumi.IntInput) ObjectIdResponseOutput

func (ObjectIdResponseArrayOutput) ToObjectIdResponseArrayOutput 

func (o ObjectIdResponseArrayOutput) ToObjectIdResponseArrayOutput() ObjectIdResponseArrayOutput

func (ObjectIdResponseArrayOutput) ToObjectIdResponseArrayOutputWithContext 

func (o ObjectIdResponseArrayOutput) ToObjectIdResponseArrayOutputWithContext(ctx context.Context) ObjectIdResponseArrayOutput

type ObjectIdResponseOutput 

type ObjectIdResponseOutput struct{ *pulumi.OutputState }

An ObjectId specifies an object identifier (OID). These provide context and describe types in ASN.1 messages.

func (ObjectIdResponseOutput) ElementType 

func (ObjectIdResponseOutput) ElementType() reflect.Type

func (ObjectIdResponseOutput) ObjectIdPath 

func (o ObjectIdResponseOutput) ObjectIdPath() pulumi.IntArrayOutput

The parts of an OID path. The most significant parts of the path come first.

func (ObjectIdResponseOutput) ToObjectIdResponseOutput 

func (o ObjectIdResponseOutput) ToObjectIdResponseOutput() ObjectIdResponseOutput

func (ObjectIdResponseOutput) ToObjectIdResponseOutputWithContext 

func (o ObjectIdResponseOutput) ToObjectIdResponseOutputWithContext(ctx context.Context) ObjectIdResponseOutput

type PublicKey 

type PublicKey struct {
	// The format of the public key.
	Format PublicKeyFormat `pulumi:"format"`
	// A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
	Key string `pulumi:"key"`
}

A PublicKey describes a public key.

type PublicKeyArgs 

type PublicKeyArgs struct {
	// The format of the public key.
	Format PublicKeyFormatInput `pulumi:"format"`
	// A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
	Key pulumi.StringInput `pulumi:"key"`
}

A PublicKey describes a public key.

func (PublicKeyArgs) ElementType 

func (PublicKeyArgs) ElementType() reflect.Type

func (PublicKeyArgs) ToPublicKeyOutput 

func (i PublicKeyArgs) ToPublicKeyOutput() PublicKeyOutput

func (PublicKeyArgs) ToPublicKeyOutputWithContext 

func (i PublicKeyArgs) ToPublicKeyOutputWithContext(ctx context.Context) PublicKeyOutput

func (PublicKeyArgs) ToPublicKeyPtrOutput 

func (i PublicKeyArgs) ToPublicKeyPtrOutput() PublicKeyPtrOutput

func (PublicKeyArgs) ToPublicKeyPtrOutputWithContext 

func (i PublicKeyArgs) ToPublicKeyPtrOutputWithContext(ctx context.Context) PublicKeyPtrOutput

type PublicKeyFormat 

type PublicKeyFormat string

Required. The format of the public key.

func (PublicKeyFormat) ElementType 

func (PublicKeyFormat) ElementType() reflect.Type

func (PublicKeyFormat) ToPublicKeyFormatOutput added in v0.6.0 

func (e PublicKeyFormat) ToPublicKeyFormatOutput() PublicKeyFormatOutput

func (PublicKeyFormat) ToPublicKeyFormatOutputWithContext added in v0.6.0 

func (e PublicKeyFormat) ToPublicKeyFormatOutputWithContext(ctx context.Context) PublicKeyFormatOutput

func (PublicKeyFormat) ToPublicKeyFormatPtrOutput added in v0.6.0 

func (e PublicKeyFormat) ToPublicKeyFormatPtrOutput() PublicKeyFormatPtrOutput

func (PublicKeyFormat) ToPublicKeyFormatPtrOutputWithContext added in v0.6.0 

func (e PublicKeyFormat) ToPublicKeyFormatPtrOutputWithContext(ctx context.Context) PublicKeyFormatPtrOutput

func (PublicKeyFormat) ToStringOutput 

func (e PublicKeyFormat) ToStringOutput() pulumi.StringOutput

func (PublicKeyFormat) ToStringOutputWithContext 

func (e PublicKeyFormat) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (PublicKeyFormat) ToStringPtrOutput 

func (e PublicKeyFormat) ToStringPtrOutput() pulumi.StringPtrOutput

func (PublicKeyFormat) ToStringPtrOutputWithContext 

func (e PublicKeyFormat) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type PublicKeyFormatInput added in v0.6.0 

type PublicKeyFormatInput interface {
	pulumi.Input

	ToPublicKeyFormatOutput() PublicKeyFormatOutput
	ToPublicKeyFormatOutputWithContext(context.Context) PublicKeyFormatOutput
}

PublicKeyFormatInput is an input type that accepts PublicKeyFormatArgs and PublicKeyFormatOutput values. You can construct a concrete instance of `PublicKeyFormatInput` via: 

PublicKeyFormatArgs{...}

type PublicKeyFormatOutput added in v0.6.0 

type PublicKeyFormatOutput struct{ *pulumi.OutputState }

func (PublicKeyFormatOutput) ElementType added in v0.6.0 

func (PublicKeyFormatOutput) ElementType() reflect.Type

func (PublicKeyFormatOutput) ToPublicKeyFormatOutput added in v0.6.0 

func (o PublicKeyFormatOutput) ToPublicKeyFormatOutput() PublicKeyFormatOutput

func (PublicKeyFormatOutput) ToPublicKeyFormatOutputWithContext added in v0.6.0 

func (o PublicKeyFormatOutput) ToPublicKeyFormatOutputWithContext(ctx context.Context) PublicKeyFormatOutput

func (PublicKeyFormatOutput) ToPublicKeyFormatPtrOutput added in v0.6.0 

func (o PublicKeyFormatOutput) ToPublicKeyFormatPtrOutput() PublicKeyFormatPtrOutput

func (PublicKeyFormatOutput) ToPublicKeyFormatPtrOutputWithContext added in v0.6.0 

func (o PublicKeyFormatOutput) ToPublicKeyFormatPtrOutputWithContext(ctx context.Context) PublicKeyFormatPtrOutput

func (PublicKeyFormatOutput) ToStringOutput added in v0.6.0 

func (o PublicKeyFormatOutput) ToStringOutput() pulumi.StringOutput

func (PublicKeyFormatOutput) ToStringOutputWithContext added in v0.6.0 

func (o PublicKeyFormatOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (PublicKeyFormatOutput) ToStringPtrOutput added in v0.6.0 

func (o PublicKeyFormatOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (PublicKeyFormatOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o PublicKeyFormatOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type PublicKeyFormatPtrInput added in v0.6.0 

type PublicKeyFormatPtrInput interface {
	pulumi.Input

	ToPublicKeyFormatPtrOutput() PublicKeyFormatPtrOutput
	ToPublicKeyFormatPtrOutputWithContext(context.Context) PublicKeyFormatPtrOutput
}

func PublicKeyFormatPtr added in v0.6.0 

func PublicKeyFormatPtr(v string) PublicKeyFormatPtrInput

type PublicKeyFormatPtrOutput added in v0.6.0 

type PublicKeyFormatPtrOutput struct{ *pulumi.OutputState }

func (PublicKeyFormatPtrOutput) Elem added in v0.6.0 

func (o PublicKeyFormatPtrOutput) Elem() PublicKeyFormatOutput

func (PublicKeyFormatPtrOutput) ElementType added in v0.6.0 

func (PublicKeyFormatPtrOutput) ElementType() reflect.Type

func (PublicKeyFormatPtrOutput) ToPublicKeyFormatPtrOutput added in v0.6.0 

func (o PublicKeyFormatPtrOutput) ToPublicKeyFormatPtrOutput() PublicKeyFormatPtrOutput

func (PublicKeyFormatPtrOutput) ToPublicKeyFormatPtrOutputWithContext added in v0.6.0 

func (o PublicKeyFormatPtrOutput) ToPublicKeyFormatPtrOutputWithContext(ctx context.Context) PublicKeyFormatPtrOutput

func (PublicKeyFormatPtrOutput) ToStringPtrOutput added in v0.6.0 

func (o PublicKeyFormatPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (PublicKeyFormatPtrOutput) ToStringPtrOutputWithContext added in v0.6.0 

func (o PublicKeyFormatPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type PublicKeyInput 

type PublicKeyInput interface {
	pulumi.Input

	ToPublicKeyOutput() PublicKeyOutput
	ToPublicKeyOutputWithContext(context.Context) PublicKeyOutput
}

PublicKeyInput is an input type that accepts PublicKeyArgs and PublicKeyOutput values. You can construct a concrete instance of `PublicKeyInput` via: 

PublicKeyArgs{...}

type PublicKeyOutput 

type PublicKeyOutput struct{ *pulumi.OutputState }

A PublicKey describes a public key.

func (PublicKeyOutput) ElementType 

func (PublicKeyOutput) ElementType() reflect.Type

func (PublicKeyOutput) Format 

func (o PublicKeyOutput) Format() PublicKeyFormatOutput

The format of the public key.

func (PublicKeyOutput) Key 

func (o PublicKeyOutput) Key() pulumi.StringOutput

A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.

func (PublicKeyOutput) ToPublicKeyOutput 

func (o PublicKeyOutput) ToPublicKeyOutput() PublicKeyOutput

func (PublicKeyOutput) ToPublicKeyOutputWithContext 

func (o PublicKeyOutput) ToPublicKeyOutputWithContext(ctx context.Context) PublicKeyOutput

func (PublicKeyOutput) ToPublicKeyPtrOutput 

func (o PublicKeyOutput) ToPublicKeyPtrOutput() PublicKeyPtrOutput

func (PublicKeyOutput) ToPublicKeyPtrOutputWithContext 

func (o PublicKeyOutput) ToPublicKeyPtrOutputWithContext(ctx context.Context) PublicKeyPtrOutput

type PublicKeyPtrInput 

type PublicKeyPtrInput interface {
	pulumi.Input

	ToPublicKeyPtrOutput() PublicKeyPtrOutput
	ToPublicKeyPtrOutputWithContext(context.Context) PublicKeyPtrOutput
}

PublicKeyPtrInput is an input type that accepts PublicKeyArgs, PublicKeyPtr and PublicKeyPtrOutput values. You can construct a concrete instance of `PublicKeyPtrInput` via: 

        PublicKeyArgs{...}

or:

        nil

func PublicKeyPtr 

func PublicKeyPtr(v *PublicKeyArgs) PublicKeyPtrInput

type PublicKeyPtrOutput 

type PublicKeyPtrOutput struct{ *pulumi.OutputState }

func (PublicKeyPtrOutput) Elem 

func (o PublicKeyPtrOutput) Elem() PublicKeyOutput

func (PublicKeyPtrOutput) ElementType 

func (PublicKeyPtrOutput) ElementType() reflect.Type

func (PublicKeyPtrOutput) Format 

func (o PublicKeyPtrOutput) Format() PublicKeyFormatPtrOutput

The format of the public key.

func (PublicKeyPtrOutput) Key 

func (o PublicKeyPtrOutput) Key() pulumi.StringPtrOutput

A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.

func (PublicKeyPtrOutput) ToPublicKeyPtrOutput 

func (o PublicKeyPtrOutput) ToPublicKeyPtrOutput() PublicKeyPtrOutput

func (PublicKeyPtrOutput) ToPublicKeyPtrOutputWithContext 

func (o PublicKeyPtrOutput) ToPublicKeyPtrOutputWithContext(ctx context.Context) PublicKeyPtrOutput

type PublicKeyResponse 

type PublicKeyResponse struct {
	// The format of the public key.
	Format string `pulumi:"format"`
	// A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.
	Key string `pulumi:"key"`
}

A PublicKey describes a public key.

type PublicKeyResponseOutput 

type PublicKeyResponseOutput struct{ *pulumi.OutputState }

A PublicKey describes a public key.

func (PublicKeyResponseOutput) ElementType 

func (PublicKeyResponseOutput) ElementType() reflect.Type

func (PublicKeyResponseOutput) Format 

func (o PublicKeyResponseOutput) Format() pulumi.StringOutput

The format of the public key.

func (PublicKeyResponseOutput) Key 

func (o PublicKeyResponseOutput) Key() pulumi.StringOutput

A public key. The padding and encoding must match with the `KeyFormat` value specified for the `format` field.

func (PublicKeyResponseOutput) ToPublicKeyResponseOutput 

func (o PublicKeyResponseOutput) ToPublicKeyResponseOutput() PublicKeyResponseOutput

func (PublicKeyResponseOutput) ToPublicKeyResponseOutputWithContext 

func (o PublicKeyResponseOutput) ToPublicKeyResponseOutputWithContext(ctx context.Context) PublicKeyResponseOutput

type PublishingOptions 

type PublishingOptions struct {
	// Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.
	EncodingFormat *PublishingOptionsEncodingFormat `pulumi:"encodingFormat"`
	// Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
	PublishCaCert *bool `pulumi:"publishCaCert"`
	// Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
	PublishCrl *bool `pulumi:"publishCrl"`
}

Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.

type PublishingOptionsArgs 

type PublishingOptionsArgs struct {
	// Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.
	EncodingFormat PublishingOptionsEncodingFormatPtrInput `pulumi:"encodingFormat"`
	// Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
	PublishCaCert pulumi.BoolPtrInput `pulumi:"publishCaCert"`
	// Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
	PublishCrl pulumi.BoolPtrInput `pulumi:"publishCrl"`
}

Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.

func (PublishingOptionsArgs) ElementType 

func (PublishingOptionsArgs) ElementType() reflect.Type

func (PublishingOptionsArgs) ToPublishingOptionsOutput 

func (i PublishingOptionsArgs) ToPublishingOptionsOutput() PublishingOptionsOutput

func (PublishingOptionsArgs) ToPublishingOptionsOutputWithContext 

func (i PublishingOptionsArgs) ToPublishingOptionsOutputWithContext(ctx context.Context) PublishingOptionsOutput

func (PublishingOptionsArgs) ToPublishingOptionsPtrOutput 

func (i PublishingOptionsArgs) ToPublishingOptionsPtrOutput() PublishingOptionsPtrOutput

func (PublishingOptionsArgs) ToPublishingOptionsPtrOutputWithContext 

func (i PublishingOptionsArgs) ToPublishingOptionsPtrOutputWithContext(ctx context.Context) PublishingOptionsPtrOutput

type PublishingOptionsEncodingFormat added in v0.31.1 

type PublishingOptionsEncodingFormat string

Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.

func (PublishingOptionsEncodingFormat) ElementType added in v0.31.1 

func (PublishingOptionsEncodingFormat) ElementType() reflect.Type

func (PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatOutput added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatOutput() PublishingOptionsEncodingFormatOutput

func (PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatOutputWithContext added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatOutputWithContext(ctx context.Context) PublishingOptionsEncodingFormatOutput

func (PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatPtrOutput added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatPtrOutput() PublishingOptionsEncodingFormatPtrOutput

func (PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatPtrOutputWithContext added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToPublishingOptionsEncodingFormatPtrOutputWithContext(ctx context.Context) PublishingOptionsEncodingFormatPtrOutput

func (PublishingOptionsEncodingFormat) ToStringOutput added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToStringOutput() pulumi.StringOutput

func (PublishingOptionsEncodingFormat) ToStringOutputWithContext added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (PublishingOptionsEncodingFormat) ToStringPtrOutput added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToStringPtrOutput() pulumi.StringPtrOutput

func (PublishingOptionsEncodingFormat) ToStringPtrOutputWithContext added in v0.31.1 

func (e PublishingOptionsEncodingFormat) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type PublishingOptionsEncodingFormatInput added in v0.31.1 

type PublishingOptionsEncodingFormatInput interface {
	pulumi.Input

	ToPublishingOptionsEncodingFormatOutput() PublishingOptionsEncodingFormatOutput
	ToPublishingOptionsEncodingFormatOutputWithContext(context.Context) PublishingOptionsEncodingFormatOutput
}

PublishingOptionsEncodingFormatInput is an input type that accepts PublishingOptionsEncodingFormatArgs and PublishingOptionsEncodingFormatOutput values. You can construct a concrete instance of `PublishingOptionsEncodingFormatInput` via: 

PublishingOptionsEncodingFormatArgs{...}

type PublishingOptionsEncodingFormatOutput added in v0.31.1 

type PublishingOptionsEncodingFormatOutput struct{ *pulumi.OutputState }

func (PublishingOptionsEncodingFormatOutput) ElementType added in v0.31.1 

func (PublishingOptionsEncodingFormatOutput) ElementType() reflect.Type

func (PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatOutput added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatOutput() PublishingOptionsEncodingFormatOutput

func (PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatOutputWithContext added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatOutputWithContext(ctx context.Context) PublishingOptionsEncodingFormatOutput

func (PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatPtrOutput added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatPtrOutput() PublishingOptionsEncodingFormatPtrOutput

func (PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatPtrOutputWithContext added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToPublishingOptionsEncodingFormatPtrOutputWithContext(ctx context.Context) PublishingOptionsEncodingFormatPtrOutput

func (PublishingOptionsEncodingFormatOutput) ToStringOutput added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToStringOutput() pulumi.StringOutput

func (PublishingOptionsEncodingFormatOutput) ToStringOutputWithContext added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput

func (PublishingOptionsEncodingFormatOutput) ToStringPtrOutput added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (PublishingOptionsEncodingFormatOutput) ToStringPtrOutputWithContext added in v0.31.1 

func (o PublishingOptionsEncodingFormatOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type PublishingOptionsEncodingFormatPtrInput added in v0.31.1 

type PublishingOptionsEncodingFormatPtrInput interface {
	pulumi.Input

	ToPublishingOptionsEncodingFormatPtrOutput() PublishingOptionsEncodingFormatPtrOutput
	ToPublishingOptionsEncodingFormatPtrOutputWithContext(context.Context) PublishingOptionsEncodingFormatPtrOutput
}

func PublishingOptionsEncodingFormatPtr added in v0.31.1 

func PublishingOptionsEncodingFormatPtr(v string) PublishingOptionsEncodingFormatPtrInput

type PublishingOptionsEncodingFormatPtrOutput added in v0.31.1 

type PublishingOptionsEncodingFormatPtrOutput struct{ *pulumi.OutputState }

func (PublishingOptionsEncodingFormatPtrOutput) Elem added in v0.31.1 

func (o PublishingOptionsEncodingFormatPtrOutput) Elem() PublishingOptionsEncodingFormatOutput

func (PublishingOptionsEncodingFormatPtrOutput) ElementType added in v0.31.1 

func (PublishingOptionsEncodingFormatPtrOutput) ElementType() reflect.Type

func (PublishingOptionsEncodingFormatPtrOutput) ToPublishingOptionsEncodingFormatPtrOutput added in v0.31.1 

func (o PublishingOptionsEncodingFormatPtrOutput) ToPublishingOptionsEncodingFormatPtrOutput() PublishingOptionsEncodingFormatPtrOutput

func (PublishingOptionsEncodingFormatPtrOutput) ToPublishingOptionsEncodingFormatPtrOutputWithContext added in v0.31.1 

func (o PublishingOptionsEncodingFormatPtrOutput) ToPublishingOptionsEncodingFormatPtrOutputWithContext(ctx context.Context) PublishingOptionsEncodingFormatPtrOutput

func (PublishingOptionsEncodingFormatPtrOutput) ToStringPtrOutput added in v0.31.1 

func (o PublishingOptionsEncodingFormatPtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput

func (PublishingOptionsEncodingFormatPtrOutput) ToStringPtrOutputWithContext added in v0.31.1 

func (o PublishingOptionsEncodingFormatPtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput

type PublishingOptionsInput 

type PublishingOptionsInput interface {
	pulumi.Input

	ToPublishingOptionsOutput() PublishingOptionsOutput
	ToPublishingOptionsOutputWithContext(context.Context) PublishingOptionsOutput
}

PublishingOptionsInput is an input type that accepts PublishingOptionsArgs and PublishingOptionsOutput values. You can construct a concrete instance of `PublishingOptionsInput` via: 

PublishingOptionsArgs{...}

type PublishingOptionsOutput 

type PublishingOptionsOutput struct{ *pulumi.OutputState }

Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.

func (PublishingOptionsOutput) ElementType 

func (PublishingOptionsOutput) ElementType() reflect.Type

func (PublishingOptionsOutput) EncodingFormat added in v0.31.1 

func (o PublishingOptionsOutput) EncodingFormat() PublishingOptionsEncodingFormatPtrOutput

Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.

func (PublishingOptionsOutput) PublishCaCert 

func (o PublishingOptionsOutput) PublishCaCert() pulumi.BoolPtrOutput

Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.

func (PublishingOptionsOutput) PublishCrl 

func (o PublishingOptionsOutput) PublishCrl() pulumi.BoolPtrOutput

Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.

func (PublishingOptionsOutput) ToPublishingOptionsOutput 

func (o PublishingOptionsOutput) ToPublishingOptionsOutput() PublishingOptionsOutput

func (PublishingOptionsOutput) ToPublishingOptionsOutputWithContext 

func (o PublishingOptionsOutput) ToPublishingOptionsOutputWithContext(ctx context.Context) PublishingOptionsOutput

func (PublishingOptionsOutput) ToPublishingOptionsPtrOutput 

func (o PublishingOptionsOutput) ToPublishingOptionsPtrOutput() PublishingOptionsPtrOutput

func (PublishingOptionsOutput) ToPublishingOptionsPtrOutputWithContext 

func (o PublishingOptionsOutput) ToPublishingOptionsPtrOutputWithContext(ctx context.Context) PublishingOptionsPtrOutput

type PublishingOptionsPtrInput 

type PublishingOptionsPtrInput interface {
	pulumi.Input

	ToPublishingOptionsPtrOutput() PublishingOptionsPtrOutput
	ToPublishingOptionsPtrOutputWithContext(context.Context) PublishingOptionsPtrOutput
}

PublishingOptionsPtrInput is an input type that accepts PublishingOptionsArgs, PublishingOptionsPtr and PublishingOptionsPtrOutput values. You can construct a concrete instance of `PublishingOptionsPtrInput` via: 

        PublishingOptionsArgs{...}

or:

        nil

func PublishingOptionsPtr 

func PublishingOptionsPtr(v *PublishingOptionsArgs) PublishingOptionsPtrInput

type PublishingOptionsPtrOutput 

type PublishingOptionsPtrOutput struct{ *pulumi.OutputState }

func (PublishingOptionsPtrOutput) Elem 

func (o PublishingOptionsPtrOutput) Elem() PublishingOptionsOutput

func (PublishingOptionsPtrOutput) ElementType 

func (PublishingOptionsPtrOutput) ElementType() reflect.Type

func (PublishingOptionsPtrOutput) EncodingFormat added in v0.31.1 

func (o PublishingOptionsPtrOutput) EncodingFormat() PublishingOptionsEncodingFormatPtrOutput

Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.

func (PublishingOptionsPtrOutput) PublishCaCert 

func (o PublishingOptionsPtrOutput) PublishCaCert() pulumi.BoolPtrOutput

Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.

func (PublishingOptionsPtrOutput) PublishCrl 

func (o PublishingOptionsPtrOutput) PublishCrl() pulumi.BoolPtrOutput

Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.

func (PublishingOptionsPtrOutput) ToPublishingOptionsPtrOutput 

func (o PublishingOptionsPtrOutput) ToPublishingOptionsPtrOutput() PublishingOptionsPtrOutput

func (PublishingOptionsPtrOutput) ToPublishingOptionsPtrOutputWithContext 

func (o PublishingOptionsPtrOutput) ToPublishingOptionsPtrOutputWithContext(ctx context.Context) PublishingOptionsPtrOutput

type PublishingOptionsResponse 

type PublishingOptionsResponse struct {
	// Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.
	EncodingFormat string `pulumi:"encodingFormat"`
	// Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.
	PublishCaCert bool `pulumi:"publishCaCert"`
	// Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.
	PublishCrl bool `pulumi:"publishCrl"`
}

Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.

type PublishingOptionsResponseOutput 

type PublishingOptionsResponseOutput struct{ *pulumi.OutputState }

Options relating to the publication of each CertificateAuthority's CA certificate and CRLs and their inclusion as extensions in issued Certificates. The options set here apply to certificates issued by any CertificateAuthority in the CaPool.

func (PublishingOptionsResponseOutput) ElementType 

func (PublishingOptionsResponseOutput) ElementType() reflect.Type

func (PublishingOptionsResponseOutput) EncodingFormat added in v0.31.1 

func (o PublishingOptionsResponseOutput) EncodingFormat() pulumi.StringOutput

Optional. Specifies the encoding format of each CertificateAuthority's CA certificate and CRLs. If this is omitted, CA certificates and CRLs will be published in PEM.

func (PublishingOptionsResponseOutput) PublishCaCert 

func (o PublishingOptionsResponseOutput) PublishCaCert() pulumi.BoolOutput

Optional. When true, publishes each CertificateAuthority's CA certificate and includes its URL in the "Authority Information Access" X.509 extension in all issued Certificates. If this is false, the CA certificate will not be published and the corresponding X.509 extension will not be written in issued certificates.

func (PublishingOptionsResponseOutput) PublishCrl 

func (o PublishingOptionsResponseOutput) PublishCrl() pulumi.BoolOutput

Optional. When true, publishes each CertificateAuthority's CRL and includes its URL in the "CRL Distribution Points" X.509 extension in all issued Certificates. If this is false, CRLs will not be published and the corresponding X.509 extension will not be written in issued certificates. CRLs will expire 7 days from their creation. However, we will rebuild daily. CRLs are also rebuilt shortly after a certificate is revoked.

func (PublishingOptionsResponseOutput) ToPublishingOptionsResponseOutput 

func (o PublishingOptionsResponseOutput) ToPublishingOptionsResponseOutput() PublishingOptionsResponseOutput

func (PublishingOptionsResponseOutput) ToPublishingOptionsResponseOutputWithContext 

func (o PublishingOptionsResponseOutput) ToPublishingOptionsResponseOutputWithContext(ctx context.Context) PublishingOptionsResponseOutput

type RevocationDetailsResponse 

type RevocationDetailsResponse struct {
	// Indicates why a Certificate was revoked.
	RevocationState string `pulumi:"revocationState"`
	// The time at which this Certificate was revoked.
	RevocationTime string `pulumi:"revocationTime"`
}

Describes fields that are relavent to the revocation of a Certificate.

type RevocationDetailsResponseOutput 

type RevocationDetailsResponseOutput struct{ *pulumi.OutputState }

Describes fields that are relavent to the revocation of a Certificate.

func (RevocationDetailsResponseOutput) ElementType 

func (RevocationDetailsResponseOutput) ElementType() reflect.Type

func (RevocationDetailsResponseOutput) RevocationState 

func (o RevocationDetailsResponseOutput) RevocationState() pulumi.StringOutput

Indicates why a Certificate was revoked.

func (RevocationDetailsResponseOutput) RevocationTime 

func (o RevocationDetailsResponseOutput) RevocationTime() pulumi.StringOutput

The time at which this Certificate was revoked.

func (RevocationDetailsResponseOutput) ToRevocationDetailsResponseOutput 

func (o RevocationDetailsResponseOutput) ToRevocationDetailsResponseOutput() RevocationDetailsResponseOutput

func (RevocationDetailsResponseOutput) ToRevocationDetailsResponseOutputWithContext 

func (o RevocationDetailsResponseOutput) ToRevocationDetailsResponseOutputWithContext(ctx context.Context) RevocationDetailsResponseOutput

type RsaKeyType 

type RsaKeyType struct {
	// Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
	MaxModulusSize *string `pulumi:"maxModulusSize"`
	// Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
	MinModulusSize *string `pulumi:"minModulusSize"`
}

Describes an RSA key that may be used in a Certificate issued from a CaPool.

type RsaKeyTypeArgs 

type RsaKeyTypeArgs struct {
	// Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
	MaxModulusSize pulumi.StringPtrInput `pulumi:"maxModulusSize"`
	// Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
	MinModulusSize pulumi.StringPtrInput `pulumi:"minModulusSize"`
}

Describes an RSA key that may be used in a Certificate issued from a CaPool.

func (RsaKeyTypeArgs) ElementType 

func (RsaKeyTypeArgs) ElementType() reflect.Type

func (RsaKeyTypeArgs) ToRsaKeyTypeOutput 

func (i RsaKeyTypeArgs) ToRsaKeyTypeOutput() RsaKeyTypeOutput

func (RsaKeyTypeArgs) ToRsaKeyTypeOutputWithContext 

func (i RsaKeyTypeArgs) ToRsaKeyTypeOutputWithContext(ctx context.Context) RsaKeyTypeOutput

func (RsaKeyTypeArgs) ToRsaKeyTypePtrOutput 

func (i RsaKeyTypeArgs) ToRsaKeyTypePtrOutput() RsaKeyTypePtrOutput

func (RsaKeyTypeArgs) ToRsaKeyTypePtrOutputWithContext 

func (i RsaKeyTypeArgs) ToRsaKeyTypePtrOutputWithContext(ctx context.Context) RsaKeyTypePtrOutput

type RsaKeyTypeInput 

type RsaKeyTypeInput interface {
	pulumi.Input

	ToRsaKeyTypeOutput() RsaKeyTypeOutput
	ToRsaKeyTypeOutputWithContext(context.Context) RsaKeyTypeOutput
}

RsaKeyTypeInput is an input type that accepts RsaKeyTypeArgs and RsaKeyTypeOutput values. You can construct a concrete instance of `RsaKeyTypeInput` via: 

RsaKeyTypeArgs{...}

type RsaKeyTypeOutput 

type RsaKeyTypeOutput struct{ *pulumi.OutputState }

Describes an RSA key that may be used in a Certificate issued from a CaPool.

func (RsaKeyTypeOutput) ElementType 

func (RsaKeyTypeOutput) ElementType() reflect.Type

func (RsaKeyTypeOutput) MaxModulusSize 

func (o RsaKeyTypeOutput) MaxModulusSize() pulumi.StringPtrOutput

Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.

func (RsaKeyTypeOutput) MinModulusSize 

func (o RsaKeyTypeOutput) MinModulusSize() pulumi.StringPtrOutput

Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.

func (RsaKeyTypeOutput) ToRsaKeyTypeOutput 

func (o RsaKeyTypeOutput) ToRsaKeyTypeOutput() RsaKeyTypeOutput

func (RsaKeyTypeOutput) ToRsaKeyTypeOutputWithContext 

func (o RsaKeyTypeOutput) ToRsaKeyTypeOutputWithContext(ctx context.Context) RsaKeyTypeOutput

func (RsaKeyTypeOutput) ToRsaKeyTypePtrOutput 

func (o RsaKeyTypeOutput) ToRsaKeyTypePtrOutput() RsaKeyTypePtrOutput

func (RsaKeyTypeOutput) ToRsaKeyTypePtrOutputWithContext 

func (o RsaKeyTypeOutput) ToRsaKeyTypePtrOutputWithContext(ctx context.Context) RsaKeyTypePtrOutput

type RsaKeyTypePtrInput 

type RsaKeyTypePtrInput interface {
	pulumi.Input

	ToRsaKeyTypePtrOutput() RsaKeyTypePtrOutput
	ToRsaKeyTypePtrOutputWithContext(context.Context) RsaKeyTypePtrOutput
}

RsaKeyTypePtrInput is an input type that accepts RsaKeyTypeArgs, RsaKeyTypePtr and RsaKeyTypePtrOutput values. You can construct a concrete instance of `RsaKeyTypePtrInput` via: 

        RsaKeyTypeArgs{...}

or:

        nil

func RsaKeyTypePtr 

func RsaKeyTypePtr(v *RsaKeyTypeArgs) RsaKeyTypePtrInput

type RsaKeyTypePtrOutput 

type RsaKeyTypePtrOutput struct{ *pulumi.OutputState }

func (RsaKeyTypePtrOutput) Elem 

func (o RsaKeyTypePtrOutput) Elem() RsaKeyTypeOutput

func (RsaKeyTypePtrOutput) ElementType 

func (RsaKeyTypePtrOutput) ElementType() reflect.Type

func (RsaKeyTypePtrOutput) MaxModulusSize 

func (o RsaKeyTypePtrOutput) MaxModulusSize() pulumi.StringPtrOutput

Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.

func (RsaKeyTypePtrOutput) MinModulusSize 

func (o RsaKeyTypePtrOutput) MinModulusSize() pulumi.StringPtrOutput

Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.

func (RsaKeyTypePtrOutput) ToRsaKeyTypePtrOutput 

func (o RsaKeyTypePtrOutput) ToRsaKeyTypePtrOutput() RsaKeyTypePtrOutput

func (RsaKeyTypePtrOutput) ToRsaKeyTypePtrOutputWithContext 

func (o RsaKeyTypePtrOutput) ToRsaKeyTypePtrOutputWithContext(ctx context.Context) RsaKeyTypePtrOutput

type RsaKeyTypeResponse 

type RsaKeyTypeResponse struct {
	// Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.
	MaxModulusSize string `pulumi:"maxModulusSize"`
	// Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.
	MinModulusSize string `pulumi:"minModulusSize"`
}

Describes an RSA key that may be used in a Certificate issued from a CaPool.

type RsaKeyTypeResponseOutput 

type RsaKeyTypeResponseOutput struct{ *pulumi.OutputState }

Describes an RSA key that may be used in a Certificate issued from a CaPool.

func (RsaKeyTypeResponseOutput) ElementType 

func (RsaKeyTypeResponseOutput) ElementType() reflect.Type

func (RsaKeyTypeResponseOutput) MaxModulusSize 

func (o RsaKeyTypeResponseOutput) MaxModulusSize() pulumi.StringOutput

Optional. The maximum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service will not enforce an explicit upper bound on RSA modulus sizes.

func (RsaKeyTypeResponseOutput) MinModulusSize 

func (o RsaKeyTypeResponseOutput) MinModulusSize() pulumi.StringOutput

Optional. The minimum allowed RSA modulus size (inclusive), in bits. If this is not set, or if set to zero, the service-level min RSA modulus size will continue to apply.

func (RsaKeyTypeResponseOutput) ToRsaKeyTypeResponseOutput 

func (o RsaKeyTypeResponseOutput) ToRsaKeyTypeResponseOutput() RsaKeyTypeResponseOutput

func (RsaKeyTypeResponseOutput) ToRsaKeyTypeResponseOutputWithContext 

func (o RsaKeyTypeResponseOutput) ToRsaKeyTypeResponseOutputWithContext(ctx context.Context) RsaKeyTypeResponseOutput

type Subject 

type Subject struct {
	// The "common name" of the subject.
	CommonName *string `pulumi:"commonName"`
	// The country code of the subject.
	CountryCode *string `pulumi:"countryCode"`
	// The locality or city of the subject.
	Locality *string `pulumi:"locality"`
	// The organization of the subject.
	Organization *string `pulumi:"organization"`
	// The organizational_unit of the subject.
	OrganizationalUnit *string `pulumi:"organizationalUnit"`
	// The postal code of the subject.
	PostalCode *string `pulumi:"postalCode"`
	// The province, territory, or regional state of the subject.
	Province *string `pulumi:"province"`
	// The street address of the subject.
	StreetAddress *string `pulumi:"streetAddress"`
}

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

type SubjectAltNames 

type SubjectAltNames struct {
	// Contains additional subject alternative name values. For each custom_san, the `value` field must contain an ASN.1 encoded UTF8String.
	CustomSans []X509Extension `pulumi:"customSans"`
	// Contains only valid, fully-qualified host names.
	DnsNames []string `pulumi:"dnsNames"`
	// Contains only valid RFC 2822 E-mail addresses.
	EmailAddresses []string `pulumi:"emailAddresses"`
	// Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
	IpAddresses []string `pulumi:"ipAddresses"`
	// Contains only valid RFC 3986 URIs.
	Uris []string `pulumi:"uris"`
}

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

type SubjectAltNamesArgs 

type SubjectAltNamesArgs struct {
	// Contains additional subject alternative name values. For each custom_san, the `value` field must contain an ASN.1 encoded UTF8String.
	CustomSans X509ExtensionArrayInput `pulumi:"customSans"`
	// Contains only valid, fully-qualified host names.
	DnsNames pulumi.StringArrayInput `pulumi:"dnsNames"`
	// Contains only valid RFC 2822 E-mail addresses.
	EmailAddresses pulumi.StringArrayInput `pulumi:"emailAddresses"`
	// Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
	IpAddresses pulumi.StringArrayInput `pulumi:"ipAddresses"`
	// Contains only valid RFC 3986 URIs.
	Uris pulumi.StringArrayInput `pulumi:"uris"`
}

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

func (SubjectAltNamesArgs) ElementType 

func (SubjectAltNamesArgs) ElementType() reflect.Type

func (SubjectAltNamesArgs) ToSubjectAltNamesOutput 

func (i SubjectAltNamesArgs) ToSubjectAltNamesOutput() SubjectAltNamesOutput

func (SubjectAltNamesArgs) ToSubjectAltNamesOutputWithContext 

func (i SubjectAltNamesArgs) ToSubjectAltNamesOutputWithContext(ctx context.Context) SubjectAltNamesOutput

func (SubjectAltNamesArgs) ToSubjectAltNamesPtrOutput 

func (i SubjectAltNamesArgs) ToSubjectAltNamesPtrOutput() SubjectAltNamesPtrOutput

func (SubjectAltNamesArgs) ToSubjectAltNamesPtrOutputWithContext 

func (i SubjectAltNamesArgs) ToSubjectAltNamesPtrOutputWithContext(ctx context.Context) SubjectAltNamesPtrOutput

type SubjectAltNamesInput 

type SubjectAltNamesInput interface {
	pulumi.Input

	ToSubjectAltNamesOutput() SubjectAltNamesOutput
	ToSubjectAltNamesOutputWithContext(context.Context) SubjectAltNamesOutput
}

SubjectAltNamesInput is an input type that accepts SubjectAltNamesArgs and SubjectAltNamesOutput values. You can construct a concrete instance of `SubjectAltNamesInput` via: 

SubjectAltNamesArgs{...}

type SubjectAltNamesOutput 

type SubjectAltNamesOutput struct{ *pulumi.OutputState }

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

func (SubjectAltNamesOutput) CustomSans 

func (o SubjectAltNamesOutput) CustomSans() X509ExtensionArrayOutput

Contains additional subject alternative name values. For each custom_san, the `value` field must contain an ASN.1 encoded UTF8String.

func (SubjectAltNamesOutput) DnsNames 

func (o SubjectAltNamesOutput) DnsNames() pulumi.StringArrayOutput

Contains only valid, fully-qualified host names.

func (SubjectAltNamesOutput) ElementType 

func (SubjectAltNamesOutput) ElementType() reflect.Type

func (SubjectAltNamesOutput) EmailAddresses 

func (o SubjectAltNamesOutput) EmailAddresses() pulumi.StringArrayOutput

Contains only valid RFC 2822 E-mail addresses.

func (SubjectAltNamesOutput) IpAddresses 

func (o SubjectAltNamesOutput) IpAddresses() pulumi.StringArrayOutput

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

func (SubjectAltNamesOutput) ToSubjectAltNamesOutput 

func (o SubjectAltNamesOutput) ToSubjectAltNamesOutput() SubjectAltNamesOutput

func (SubjectAltNamesOutput) ToSubjectAltNamesOutputWithContext 

func (o SubjectAltNamesOutput) ToSubjectAltNamesOutputWithContext(ctx context.Context) SubjectAltNamesOutput

func (SubjectAltNamesOutput) ToSubjectAltNamesPtrOutput 

func (o SubjectAltNamesOutput) ToSubjectAltNamesPtrOutput() SubjectAltNamesPtrOutput

func (SubjectAltNamesOutput) ToSubjectAltNamesPtrOutputWithContext 

func (o SubjectAltNamesOutput) ToSubjectAltNamesPtrOutputWithContext(ctx context.Context) SubjectAltNamesPtrOutput

func (SubjectAltNamesOutput) Uris 

func (o SubjectAltNamesOutput) Uris() pulumi.StringArrayOutput

Contains only valid RFC 3986 URIs.

type SubjectAltNamesPtrInput 

type SubjectAltNamesPtrInput interface {
	pulumi.Input

	ToSubjectAltNamesPtrOutput() SubjectAltNamesPtrOutput
	ToSubjectAltNamesPtrOutputWithContext(context.Context) SubjectAltNamesPtrOutput
}

SubjectAltNamesPtrInput is an input type that accepts SubjectAltNamesArgs, SubjectAltNamesPtr and SubjectAltNamesPtrOutput values. You can construct a concrete instance of `SubjectAltNamesPtrInput` via: 

        SubjectAltNamesArgs{...}

or:

        nil

func SubjectAltNamesPtr 

func SubjectAltNamesPtr(v *SubjectAltNamesArgs) SubjectAltNamesPtrInput

type SubjectAltNamesPtrOutput 

type SubjectAltNamesPtrOutput struct{ *pulumi.OutputState }

func (SubjectAltNamesPtrOutput) CustomSans 

func (o SubjectAltNamesPtrOutput) CustomSans() X509ExtensionArrayOutput

Contains additional subject alternative name values. For each custom_san, the `value` field must contain an ASN.1 encoded UTF8String.

func (SubjectAltNamesPtrOutput) DnsNames 

func (o SubjectAltNamesPtrOutput) DnsNames() pulumi.StringArrayOutput

Contains only valid, fully-qualified host names.

func (SubjectAltNamesPtrOutput) Elem 

func (o SubjectAltNamesPtrOutput) Elem() SubjectAltNamesOutput

func (SubjectAltNamesPtrOutput) ElementType 

func (SubjectAltNamesPtrOutput) ElementType() reflect.Type

func (SubjectAltNamesPtrOutput) EmailAddresses 

func (o SubjectAltNamesPtrOutput) EmailAddresses() pulumi.StringArrayOutput

Contains only valid RFC 2822 E-mail addresses.

func (SubjectAltNamesPtrOutput) IpAddresses 

func (o SubjectAltNamesPtrOutput) IpAddresses() pulumi.StringArrayOutput

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

func (SubjectAltNamesPtrOutput) ToSubjectAltNamesPtrOutput 

func (o SubjectAltNamesPtrOutput) ToSubjectAltNamesPtrOutput() SubjectAltNamesPtrOutput

func (SubjectAltNamesPtrOutput) ToSubjectAltNamesPtrOutputWithContext 

func (o SubjectAltNamesPtrOutput) ToSubjectAltNamesPtrOutputWithContext(ctx context.Context) SubjectAltNamesPtrOutput

func (SubjectAltNamesPtrOutput) Uris 

func (o SubjectAltNamesPtrOutput) Uris() pulumi.StringArrayOutput

Contains only valid RFC 3986 URIs.

type SubjectAltNamesResponse 

type SubjectAltNamesResponse struct {
	// Contains additional subject alternative name values. For each custom_san, the `value` field must contain an ASN.1 encoded UTF8String.
	CustomSans []X509ExtensionResponse `pulumi:"customSans"`
	// Contains only valid, fully-qualified host names.
	DnsNames []string `pulumi:"dnsNames"`
	// Contains only valid RFC 2822 E-mail addresses.
	EmailAddresses []string `pulumi:"emailAddresses"`
	// Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.
	IpAddresses []string `pulumi:"ipAddresses"`
	// Contains only valid RFC 3986 URIs.
	Uris []string `pulumi:"uris"`
}

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

type SubjectAltNamesResponseOutput 

type SubjectAltNamesResponseOutput struct{ *pulumi.OutputState }

SubjectAltNames corresponds to a more modern way of listing what the asserted identity is in a certificate (i.e., compared to the "common name" in the distinguished name).

func (SubjectAltNamesResponseOutput) CustomSans 

func (o SubjectAltNamesResponseOutput) CustomSans() X509ExtensionResponseArrayOutput

Contains additional subject alternative name values. For each custom_san, the `value` field must contain an ASN.1 encoded UTF8String.

func (SubjectAltNamesResponseOutput) DnsNames 

func (o SubjectAltNamesResponseOutput) DnsNames() pulumi.StringArrayOutput

Contains only valid, fully-qualified host names.

func (SubjectAltNamesResponseOutput) ElementType 

func (SubjectAltNamesResponseOutput) ElementType() reflect.Type

func (SubjectAltNamesResponseOutput) EmailAddresses 

func (o SubjectAltNamesResponseOutput) EmailAddresses() pulumi.StringArrayOutput

Contains only valid RFC 2822 E-mail addresses.

func (SubjectAltNamesResponseOutput) IpAddresses 

func (o SubjectAltNamesResponseOutput) IpAddresses() pulumi.StringArrayOutput

Contains only valid 32-bit IPv4 addresses or RFC 4291 IPv6 addresses.

func (SubjectAltNamesResponseOutput) ToSubjectAltNamesResponseOutput 

func (o SubjectAltNamesResponseOutput) ToSubjectAltNamesResponseOutput() SubjectAltNamesResponseOutput

func (SubjectAltNamesResponseOutput) ToSubjectAltNamesResponseOutputWithContext 

func (o SubjectAltNamesResponseOutput) ToSubjectAltNamesResponseOutputWithContext(ctx context.Context) SubjectAltNamesResponseOutput

func (SubjectAltNamesResponseOutput) Uris 

func (o SubjectAltNamesResponseOutput) Uris() pulumi.StringArrayOutput

Contains only valid RFC 3986 URIs.

type SubjectArgs 

type SubjectArgs struct {
	// The "common name" of the subject.
	CommonName pulumi.StringPtrInput `pulumi:"commonName"`
	// The country code of the subject.
	CountryCode pulumi.StringPtrInput `pulumi:"countryCode"`
	// The locality or city of the subject.
	Locality pulumi.StringPtrInput `pulumi:"locality"`
	// The organization of the subject.
	Organization pulumi.StringPtrInput `pulumi:"organization"`
	// The organizational_unit of the subject.
	OrganizationalUnit pulumi.StringPtrInput `pulumi:"organizationalUnit"`
	// The postal code of the subject.
	PostalCode pulumi.StringPtrInput `pulumi:"postalCode"`
	// The province, territory, or regional state of the subject.
	Province pulumi.StringPtrInput `pulumi:"province"`
	// The street address of the subject.
	StreetAddress pulumi.StringPtrInput `pulumi:"streetAddress"`
}

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

func (SubjectArgs) ElementType 

func (SubjectArgs) ElementType() reflect.Type

func (SubjectArgs) ToSubjectOutput 

func (i SubjectArgs) ToSubjectOutput() SubjectOutput

func (SubjectArgs) ToSubjectOutputWithContext 

func (i SubjectArgs) ToSubjectOutputWithContext(ctx context.Context) SubjectOutput

func (SubjectArgs) ToSubjectPtrOutput 

func (i SubjectArgs) ToSubjectPtrOutput() SubjectPtrOutput

func (SubjectArgs) ToSubjectPtrOutputWithContext 

func (i SubjectArgs) ToSubjectPtrOutputWithContext(ctx context.Context) SubjectPtrOutput

type SubjectConfig 

type SubjectConfig struct {
	// Optional. Contains distinguished name fields such as the common name, location and organization.
	Subject *Subject `pulumi:"subject"`
	// Optional. The subject alternative name fields.
	SubjectAltName *SubjectAltNames `pulumi:"subjectAltName"`
}

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

type SubjectConfigArgs 

type SubjectConfigArgs struct {
	// Optional. Contains distinguished name fields such as the common name, location and organization.
	Subject SubjectPtrInput `pulumi:"subject"`
	// Optional. The subject alternative name fields.
	SubjectAltName SubjectAltNamesPtrInput `pulumi:"subjectAltName"`
}

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

func (SubjectConfigArgs) ElementType 

func (SubjectConfigArgs) ElementType() reflect.Type

func (SubjectConfigArgs) ToSubjectConfigOutput 

func (i SubjectConfigArgs) ToSubjectConfigOutput() SubjectConfigOutput

func (SubjectConfigArgs) ToSubjectConfigOutputWithContext 

func (i SubjectConfigArgs) ToSubjectConfigOutputWithContext(ctx context.Context) SubjectConfigOutput

func (SubjectConfigArgs) ToSubjectConfigPtrOutput 

func (i SubjectConfigArgs) ToSubjectConfigPtrOutput() SubjectConfigPtrOutput

func (SubjectConfigArgs) ToSubjectConfigPtrOutputWithContext 

func (i SubjectConfigArgs) ToSubjectConfigPtrOutputWithContext(ctx context.Context) SubjectConfigPtrOutput

type SubjectConfigInput 

type SubjectConfigInput interface {
	pulumi.Input

	ToSubjectConfigOutput() SubjectConfigOutput
	ToSubjectConfigOutputWithContext(context.Context) SubjectConfigOutput
}

SubjectConfigInput is an input type that accepts SubjectConfigArgs and SubjectConfigOutput values. You can construct a concrete instance of `SubjectConfigInput` via: 

SubjectConfigArgs{...}

type SubjectConfigOutput 

type SubjectConfigOutput struct{ *pulumi.OutputState }

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

func (SubjectConfigOutput) ElementType 

func (SubjectConfigOutput) ElementType() reflect.Type

func (SubjectConfigOutput) Subject 

func (o SubjectConfigOutput) Subject() SubjectPtrOutput

Optional. Contains distinguished name fields such as the common name, location and organization.

func (SubjectConfigOutput) SubjectAltName 

func (o SubjectConfigOutput) SubjectAltName() SubjectAltNamesPtrOutput

Optional. The subject alternative name fields.

func (SubjectConfigOutput) ToSubjectConfigOutput 

func (o SubjectConfigOutput) ToSubjectConfigOutput() SubjectConfigOutput

func (SubjectConfigOutput) ToSubjectConfigOutputWithContext 

func (o SubjectConfigOutput) ToSubjectConfigOutputWithContext(ctx context.Context) SubjectConfigOutput

func (SubjectConfigOutput) ToSubjectConfigPtrOutput 

func (o SubjectConfigOutput) ToSubjectConfigPtrOutput() SubjectConfigPtrOutput

func (SubjectConfigOutput) ToSubjectConfigPtrOutputWithContext 

func (o SubjectConfigOutput) ToSubjectConfigPtrOutputWithContext(ctx context.Context) SubjectConfigPtrOutput

type SubjectConfigPtrInput 

type SubjectConfigPtrInput interface {
	pulumi.Input

	ToSubjectConfigPtrOutput() SubjectConfigPtrOutput
	ToSubjectConfigPtrOutputWithContext(context.Context) SubjectConfigPtrOutput
}

SubjectConfigPtrInput is an input type that accepts SubjectConfigArgs, SubjectConfigPtr and SubjectConfigPtrOutput values. You can construct a concrete instance of `SubjectConfigPtrInput` via: 

        SubjectConfigArgs{...}

or:

        nil

func SubjectConfigPtr 

func SubjectConfigPtr(v *SubjectConfigArgs) SubjectConfigPtrInput

type SubjectConfigPtrOutput 

type SubjectConfigPtrOutput struct{ *pulumi.OutputState }

func (SubjectConfigPtrOutput) Elem 

func (o SubjectConfigPtrOutput) Elem() SubjectConfigOutput

func (SubjectConfigPtrOutput) ElementType 

func (SubjectConfigPtrOutput) ElementType() reflect.Type

func (SubjectConfigPtrOutput) Subject 

func (o SubjectConfigPtrOutput) Subject() SubjectPtrOutput

Optional. Contains distinguished name fields such as the common name, location and organization.

func (SubjectConfigPtrOutput) SubjectAltName 

func (o SubjectConfigPtrOutput) SubjectAltName() SubjectAltNamesPtrOutput

Optional. The subject alternative name fields.

func (SubjectConfigPtrOutput) ToSubjectConfigPtrOutput 

func (o SubjectConfigPtrOutput) ToSubjectConfigPtrOutput() SubjectConfigPtrOutput

func (SubjectConfigPtrOutput) ToSubjectConfigPtrOutputWithContext 

func (o SubjectConfigPtrOutput) ToSubjectConfigPtrOutputWithContext(ctx context.Context) SubjectConfigPtrOutput

type SubjectConfigResponse 

type SubjectConfigResponse struct {
	// Optional. Contains distinguished name fields such as the common name, location and organization.
	Subject SubjectResponse `pulumi:"subject"`
	// Optional. The subject alternative name fields.
	SubjectAltName SubjectAltNamesResponse `pulumi:"subjectAltName"`
}

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

type SubjectConfigResponseOutput 

type SubjectConfigResponseOutput struct{ *pulumi.OutputState }

These values are used to create the distinguished name and subject alternative name fields in an X.509 certificate.

func (SubjectConfigResponseOutput) ElementType 

func (SubjectConfigResponseOutput) ElementType() reflect.Type

func (SubjectConfigResponseOutput) Subject 

func (o SubjectConfigResponseOutput) Subject() SubjectResponseOutput

Optional. Contains distinguished name fields such as the common name, location and organization.

func (SubjectConfigResponseOutput) SubjectAltName 

func (o SubjectConfigResponseOutput) SubjectAltName() SubjectAltNamesResponseOutput

Optional. The subject alternative name fields.

func (SubjectConfigResponseOutput) ToSubjectConfigResponseOutput 

func (o SubjectConfigResponseOutput) ToSubjectConfigResponseOutput() SubjectConfigResponseOutput

func (SubjectConfigResponseOutput) ToSubjectConfigResponseOutputWithContext 

func (o SubjectConfigResponseOutput) ToSubjectConfigResponseOutputWithContext(ctx context.Context) SubjectConfigResponseOutput

type SubjectDescriptionResponse 

type SubjectDescriptionResponse struct {
	// The serial number encoded in lowercase hexadecimal.
	HexSerialNumber string `pulumi:"hexSerialNumber"`
	// For convenience, the actual lifetime of an issued certificate.
	Lifetime string `pulumi:"lifetime"`
	// The time after which the certificate is expired. Per RFC 5280, the validity period for a certificate is the period of time from not_before_time through not_after_time, inclusive. Corresponds to 'not_before_time' + 'lifetime' - 1 second.
	NotAfterTime string `pulumi:"notAfterTime"`
	// The time at which the certificate becomes valid.
	NotBeforeTime string `pulumi:"notBeforeTime"`
	// Contains distinguished name fields such as the common name, location and / organization.
	Subject SubjectResponse `pulumi:"subject"`
	// The subject alternative name fields.
	SubjectAltName SubjectAltNamesResponse `pulumi:"subjectAltName"`
}

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

type SubjectDescriptionResponseOutput 

type SubjectDescriptionResponseOutput struct{ *pulumi.OutputState }

These values describe fields in an issued X.509 certificate such as the distinguished name, subject alternative names, serial number, and lifetime.

func (SubjectDescriptionResponseOutput) ElementType 

func (SubjectDescriptionResponseOutput) ElementType() reflect.Type

func (SubjectDescriptionResponseOutput) HexSerialNumber 

func (o SubjectDescriptionResponseOutput) HexSerialNumber() pulumi.StringOutput

The serial number encoded in lowercase hexadecimal.

func (SubjectDescriptionResponseOutput) Lifetime 

func (o SubjectDescriptionResponseOutput) Lifetime() pulumi.StringOutput

For convenience, the actual lifetime of an issued certificate.

func (SubjectDescriptionResponseOutput) NotAfterTime 

func (o SubjectDescriptionResponseOutput) NotAfterTime() pulumi.StringOutput

The time after which the certificate is expired. Per RFC 5280, the validity period for a certificate is the period of time from not_before_time through not_after_time, inclusive. Corresponds to 'not_before_time' + 'lifetime' - 1 second.

func (SubjectDescriptionResponseOutput) NotBeforeTime 

func (o SubjectDescriptionResponseOutput) NotBeforeTime() pulumi.StringOutput

The time at which the certificate becomes valid.

func (SubjectDescriptionResponseOutput) Subject 

func (o SubjectDescriptionResponseOutput) Subject() SubjectResponseOutput

Contains distinguished name fields such as the common name, location and / organization.

func (SubjectDescriptionResponseOutput) SubjectAltName 

func (o SubjectDescriptionResponseOutput) SubjectAltName() SubjectAltNamesResponseOutput

The subject alternative name fields.

func (SubjectDescriptionResponseOutput) ToSubjectDescriptionResponseOutput 

func (o SubjectDescriptionResponseOutput) ToSubjectDescriptionResponseOutput() SubjectDescriptionResponseOutput

func (SubjectDescriptionResponseOutput) ToSubjectDescriptionResponseOutputWithContext 

func (o SubjectDescriptionResponseOutput) ToSubjectDescriptionResponseOutputWithContext(ctx context.Context) SubjectDescriptionResponseOutput

type SubjectInput 

type SubjectInput interface {
	pulumi.Input

	ToSubjectOutput() SubjectOutput
	ToSubjectOutputWithContext(context.Context) SubjectOutput
}

SubjectInput is an input type that accepts SubjectArgs and SubjectOutput values. You can construct a concrete instance of `SubjectInput` via: 

SubjectArgs{...}

type SubjectOutput 

type SubjectOutput struct{ *pulumi.OutputState }

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

func (SubjectOutput) CommonName 

func (o SubjectOutput) CommonName() pulumi.StringPtrOutput

The "common name" of the subject.

func (SubjectOutput) CountryCode 

func (o SubjectOutput) CountryCode() pulumi.StringPtrOutput

The country code of the subject.

func (SubjectOutput) ElementType 

func (SubjectOutput) ElementType() reflect.Type

func (SubjectOutput) Locality 

func (o SubjectOutput) Locality() pulumi.StringPtrOutput

The locality or city of the subject.

func (SubjectOutput) Organization 

func (o SubjectOutput) Organization() pulumi.StringPtrOutput

The organization of the subject.

func (SubjectOutput) OrganizationalUnit 

func (o SubjectOutput) OrganizationalUnit() pulumi.StringPtrOutput

The organizational_unit of the subject.

func (SubjectOutput) PostalCode 

func (o SubjectOutput) PostalCode() pulumi.StringPtrOutput

The postal code of the subject.

func (SubjectOutput) Province 

func (o SubjectOutput) Province() pulumi.StringPtrOutput

The province, territory, or regional state of the subject.

func (SubjectOutput) StreetAddress 

func (o SubjectOutput) StreetAddress() pulumi.StringPtrOutput

The street address of the subject.

func (SubjectOutput) ToSubjectOutput 

func (o SubjectOutput) ToSubjectOutput() SubjectOutput

func (SubjectOutput) ToSubjectOutputWithContext 

func (o SubjectOutput) ToSubjectOutputWithContext(ctx context.Context) SubjectOutput

func (SubjectOutput) ToSubjectPtrOutput 

func (o SubjectOutput) ToSubjectPtrOutput() SubjectPtrOutput

func (SubjectOutput) ToSubjectPtrOutputWithContext 

func (o SubjectOutput) ToSubjectPtrOutputWithContext(ctx context.Context) SubjectPtrOutput

type SubjectPtrInput 

type SubjectPtrInput interface {
	pulumi.Input

	ToSubjectPtrOutput() SubjectPtrOutput
	ToSubjectPtrOutputWithContext(context.Context) SubjectPtrOutput
}

SubjectPtrInput is an input type that accepts SubjectArgs, SubjectPtr and SubjectPtrOutput values. You can construct a concrete instance of `SubjectPtrInput` via: 

        SubjectArgs{...}

or:

        nil

func SubjectPtr 

func SubjectPtr(v *SubjectArgs) SubjectPtrInput

type SubjectPtrOutput 

type SubjectPtrOutput struct{ *pulumi.OutputState }

func (SubjectPtrOutput) CommonName 

func (o SubjectPtrOutput) CommonName() pulumi.StringPtrOutput

The "common name" of the subject.

func (SubjectPtrOutput) CountryCode 

func (o SubjectPtrOutput) CountryCode() pulumi.StringPtrOutput

The country code of the subject.

func (SubjectPtrOutput) Elem 

func (o SubjectPtrOutput) Elem() SubjectOutput

func (SubjectPtrOutput) ElementType 

func (SubjectPtrOutput) ElementType() reflect.Type

func (SubjectPtrOutput) Locality 

func (o SubjectPtrOutput) Locality() pulumi.StringPtrOutput

The locality or city of the subject.

func (SubjectPtrOutput) Organization 

func (o SubjectPtrOutput) Organization() pulumi.StringPtrOutput

The organization of the subject.

func (SubjectPtrOutput) OrganizationalUnit 

func (o SubjectPtrOutput) OrganizationalUnit() pulumi.StringPtrOutput

The organizational_unit of the subject.

func (SubjectPtrOutput) PostalCode 

func (o SubjectPtrOutput) PostalCode() pulumi.StringPtrOutput

The postal code of the subject.

func (SubjectPtrOutput) Province 

func (o SubjectPtrOutput) Province() pulumi.StringPtrOutput

The province, territory, or regional state of the subject.

func (SubjectPtrOutput) StreetAddress 

func (o SubjectPtrOutput) StreetAddress() pulumi.StringPtrOutput

The street address of the subject.

func (SubjectPtrOutput) ToSubjectPtrOutput 

func (o SubjectPtrOutput) ToSubjectPtrOutput() SubjectPtrOutput

func (SubjectPtrOutput) ToSubjectPtrOutputWithContext 

func (o SubjectPtrOutput) ToSubjectPtrOutputWithContext(ctx context.Context) SubjectPtrOutput

type SubjectResponse 

type SubjectResponse struct {
	// The "common name" of the subject.
	CommonName string `pulumi:"commonName"`
	// The country code of the subject.
	CountryCode string `pulumi:"countryCode"`
	// The locality or city of the subject.
	Locality string `pulumi:"locality"`
	// The organization of the subject.
	Organization string `pulumi:"organization"`
	// The organizational_unit of the subject.
	OrganizationalUnit string `pulumi:"organizationalUnit"`
	// The postal code of the subject.
	PostalCode string `pulumi:"postalCode"`
	// The province, territory, or regional state of the subject.
	Province string `pulumi:"province"`
	// The street address of the subject.
	StreetAddress string `pulumi:"streetAddress"`
}

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

type SubjectResponseOutput 

type SubjectResponseOutput struct{ *pulumi.OutputState }

Subject describes parts of a distinguished name that, in turn, describes the subject of the certificate.

func (SubjectResponseOutput) CommonName 

func (o SubjectResponseOutput) CommonName() pulumi.StringOutput

The "common name" of the subject.

func (SubjectResponseOutput) CountryCode 

func (o SubjectResponseOutput) CountryCode() pulumi.StringOutput

The country code of the subject.

func (SubjectResponseOutput) ElementType 

func (SubjectResponseOutput) ElementType() reflect.Type

func (SubjectResponseOutput) Locality 

func (o SubjectResponseOutput) Locality() pulumi.StringOutput

The locality or city of the subject.

func (SubjectResponseOutput) Organization 

func (o SubjectResponseOutput) Organization() pulumi.StringOutput

The organization of the subject.

func (SubjectResponseOutput) OrganizationalUnit 

func (o SubjectResponseOutput) OrganizationalUnit() pulumi.StringOutput

The organizational_unit of the subject.

func (SubjectResponseOutput) PostalCode 

func (o SubjectResponseOutput) PostalCode() pulumi.StringOutput

The postal code of the subject.

func (SubjectResponseOutput) Province 

func (o SubjectResponseOutput) Province() pulumi.StringOutput

The province, territory, or regional state of the subject.

func (SubjectResponseOutput) StreetAddress 

func (o SubjectResponseOutput) StreetAddress() pulumi.StringOutput

The street address of the subject.

func (SubjectResponseOutput) ToSubjectResponseOutput 

func (o SubjectResponseOutput) ToSubjectResponseOutput() SubjectResponseOutput

func (SubjectResponseOutput) ToSubjectResponseOutputWithContext 

func (o SubjectResponseOutput) ToSubjectResponseOutputWithContext(ctx context.Context) SubjectResponseOutput

type SubordinateConfig 

type SubordinateConfig struct {
	// This can refer to a CertificateAuthority that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	CertificateAuthority string `pulumi:"certificateAuthority"`
	// Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
	PemIssuerChain SubordinateConfigChain `pulumi:"pemIssuerChain"`
}

Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

type SubordinateConfigArgs 

type SubordinateConfigArgs struct {
	// This can refer to a CertificateAuthority that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	CertificateAuthority pulumi.StringInput `pulumi:"certificateAuthority"`
	// Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
	PemIssuerChain SubordinateConfigChainInput `pulumi:"pemIssuerChain"`
}

Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

func (SubordinateConfigArgs) ElementType 

func (SubordinateConfigArgs) ElementType() reflect.Type

func (SubordinateConfigArgs) ToSubordinateConfigOutput 

func (i SubordinateConfigArgs) ToSubordinateConfigOutput() SubordinateConfigOutput

func (SubordinateConfigArgs) ToSubordinateConfigOutputWithContext 

func (i SubordinateConfigArgs) ToSubordinateConfigOutputWithContext(ctx context.Context) SubordinateConfigOutput

func (SubordinateConfigArgs) ToSubordinateConfigPtrOutput 

func (i SubordinateConfigArgs) ToSubordinateConfigPtrOutput() SubordinateConfigPtrOutput

func (SubordinateConfigArgs) ToSubordinateConfigPtrOutputWithContext 

func (i SubordinateConfigArgs) ToSubordinateConfigPtrOutputWithContext(ctx context.Context) SubordinateConfigPtrOutput

type SubordinateConfigChain 

type SubordinateConfigChain struct {
	// Expected to be in leaf-to-root order according to RFC 5246.
	PemCertificates []string `pulumi:"pemCertificates"`
}

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

type SubordinateConfigChainArgs 

type SubordinateConfigChainArgs struct {
	// Expected to be in leaf-to-root order according to RFC 5246.
	PemCertificates pulumi.StringArrayInput `pulumi:"pemCertificates"`
}

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

func (SubordinateConfigChainArgs) ElementType 

func (SubordinateConfigChainArgs) ElementType() reflect.Type

func (SubordinateConfigChainArgs) ToSubordinateConfigChainOutput 

func (i SubordinateConfigChainArgs) ToSubordinateConfigChainOutput() SubordinateConfigChainOutput

func (SubordinateConfigChainArgs) ToSubordinateConfigChainOutputWithContext 

func (i SubordinateConfigChainArgs) ToSubordinateConfigChainOutputWithContext(ctx context.Context) SubordinateConfigChainOutput

func (SubordinateConfigChainArgs) ToSubordinateConfigChainPtrOutput 

func (i SubordinateConfigChainArgs) ToSubordinateConfigChainPtrOutput() SubordinateConfigChainPtrOutput

func (SubordinateConfigChainArgs) ToSubordinateConfigChainPtrOutputWithContext 

func (i SubordinateConfigChainArgs) ToSubordinateConfigChainPtrOutputWithContext(ctx context.Context) SubordinateConfigChainPtrOutput

type SubordinateConfigChainInput 

type SubordinateConfigChainInput interface {
	pulumi.Input

	ToSubordinateConfigChainOutput() SubordinateConfigChainOutput
	ToSubordinateConfigChainOutputWithContext(context.Context) SubordinateConfigChainOutput
}

SubordinateConfigChainInput is an input type that accepts SubordinateConfigChainArgs and SubordinateConfigChainOutput values. You can construct a concrete instance of `SubordinateConfigChainInput` via: 

SubordinateConfigChainArgs{...}

type SubordinateConfigChainOutput 

type SubordinateConfigChainOutput struct{ *pulumi.OutputState }

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

func (SubordinateConfigChainOutput) ElementType 

func (SubordinateConfigChainOutput) ElementType() reflect.Type

func (SubordinateConfigChainOutput) PemCertificates 

func (o SubordinateConfigChainOutput) PemCertificates() pulumi.StringArrayOutput

Expected to be in leaf-to-root order according to RFC 5246.

func (SubordinateConfigChainOutput) ToSubordinateConfigChainOutput 

func (o SubordinateConfigChainOutput) ToSubordinateConfigChainOutput() SubordinateConfigChainOutput

func (SubordinateConfigChainOutput) ToSubordinateConfigChainOutputWithContext 

func (o SubordinateConfigChainOutput) ToSubordinateConfigChainOutputWithContext(ctx context.Context) SubordinateConfigChainOutput

func (SubordinateConfigChainOutput) ToSubordinateConfigChainPtrOutput 

func (o SubordinateConfigChainOutput) ToSubordinateConfigChainPtrOutput() SubordinateConfigChainPtrOutput

func (SubordinateConfigChainOutput) ToSubordinateConfigChainPtrOutputWithContext 

func (o SubordinateConfigChainOutput) ToSubordinateConfigChainPtrOutputWithContext(ctx context.Context) SubordinateConfigChainPtrOutput

type SubordinateConfigChainPtrInput 

type SubordinateConfigChainPtrInput interface {
	pulumi.Input

	ToSubordinateConfigChainPtrOutput() SubordinateConfigChainPtrOutput
	ToSubordinateConfigChainPtrOutputWithContext(context.Context) SubordinateConfigChainPtrOutput
}

SubordinateConfigChainPtrInput is an input type that accepts SubordinateConfigChainArgs, SubordinateConfigChainPtr and SubordinateConfigChainPtrOutput values. You can construct a concrete instance of `SubordinateConfigChainPtrInput` via: 

        SubordinateConfigChainArgs{...}

or:

        nil

func SubordinateConfigChainPtr 

func SubordinateConfigChainPtr(v *SubordinateConfigChainArgs) SubordinateConfigChainPtrInput

type SubordinateConfigChainPtrOutput 

type SubordinateConfigChainPtrOutput struct{ *pulumi.OutputState }

func (SubordinateConfigChainPtrOutput) Elem 

func (o SubordinateConfigChainPtrOutput) Elem() SubordinateConfigChainOutput

func (SubordinateConfigChainPtrOutput) ElementType 

func (SubordinateConfigChainPtrOutput) ElementType() reflect.Type

func (SubordinateConfigChainPtrOutput) PemCertificates 

func (o SubordinateConfigChainPtrOutput) PemCertificates() pulumi.StringArrayOutput

Expected to be in leaf-to-root order according to RFC 5246.

func (SubordinateConfigChainPtrOutput) ToSubordinateConfigChainPtrOutput 

func (o SubordinateConfigChainPtrOutput) ToSubordinateConfigChainPtrOutput() SubordinateConfigChainPtrOutput

func (SubordinateConfigChainPtrOutput) ToSubordinateConfigChainPtrOutputWithContext 

func (o SubordinateConfigChainPtrOutput) ToSubordinateConfigChainPtrOutputWithContext(ctx context.Context) SubordinateConfigChainPtrOutput

type SubordinateConfigChainResponse 

type SubordinateConfigChainResponse struct {
	// Expected to be in leaf-to-root order according to RFC 5246.
	PemCertificates []string `pulumi:"pemCertificates"`
}

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

type SubordinateConfigChainResponseOutput 

type SubordinateConfigChainResponseOutput struct{ *pulumi.OutputState }

This message describes a subordinate CA's issuer certificate chain. This wrapper exists for compatibility reasons.

func (SubordinateConfigChainResponseOutput) ElementType 

func (SubordinateConfigChainResponseOutput) ElementType() reflect.Type

func (SubordinateConfigChainResponseOutput) PemCertificates 

func (o SubordinateConfigChainResponseOutput) PemCertificates() pulumi.StringArrayOutput

Expected to be in leaf-to-root order according to RFC 5246.

func (SubordinateConfigChainResponseOutput) ToSubordinateConfigChainResponseOutput 

func (o SubordinateConfigChainResponseOutput) ToSubordinateConfigChainResponseOutput() SubordinateConfigChainResponseOutput

func (SubordinateConfigChainResponseOutput) ToSubordinateConfigChainResponseOutputWithContext 

func (o SubordinateConfigChainResponseOutput) ToSubordinateConfigChainResponseOutputWithContext(ctx context.Context) SubordinateConfigChainResponseOutput

type SubordinateConfigInput 

type SubordinateConfigInput interface {
	pulumi.Input

	ToSubordinateConfigOutput() SubordinateConfigOutput
	ToSubordinateConfigOutputWithContext(context.Context) SubordinateConfigOutput
}

SubordinateConfigInput is an input type that accepts SubordinateConfigArgs and SubordinateConfigOutput values. You can construct a concrete instance of `SubordinateConfigInput` via: 

SubordinateConfigArgs{...}

type SubordinateConfigOutput 

type SubordinateConfigOutput struct{ *pulumi.OutputState }

Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

func (SubordinateConfigOutput) CertificateAuthority 

func (o SubordinateConfigOutput) CertificateAuthority() pulumi.StringOutput

This can refer to a CertificateAuthority that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (SubordinateConfigOutput) ElementType 

func (SubordinateConfigOutput) ElementType() reflect.Type

func (SubordinateConfigOutput) PemIssuerChain 

func (o SubordinateConfigOutput) PemIssuerChain() SubordinateConfigChainOutput

Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.

func (SubordinateConfigOutput) ToSubordinateConfigOutput 

func (o SubordinateConfigOutput) ToSubordinateConfigOutput() SubordinateConfigOutput

func (SubordinateConfigOutput) ToSubordinateConfigOutputWithContext 

func (o SubordinateConfigOutput) ToSubordinateConfigOutputWithContext(ctx context.Context) SubordinateConfigOutput

func (SubordinateConfigOutput) ToSubordinateConfigPtrOutput 

func (o SubordinateConfigOutput) ToSubordinateConfigPtrOutput() SubordinateConfigPtrOutput

func (SubordinateConfigOutput) ToSubordinateConfigPtrOutputWithContext 

func (o SubordinateConfigOutput) ToSubordinateConfigPtrOutputWithContext(ctx context.Context) SubordinateConfigPtrOutput

type SubordinateConfigPtrInput 

type SubordinateConfigPtrInput interface {
	pulumi.Input

	ToSubordinateConfigPtrOutput() SubordinateConfigPtrOutput
	ToSubordinateConfigPtrOutputWithContext(context.Context) SubordinateConfigPtrOutput
}

SubordinateConfigPtrInput is an input type that accepts SubordinateConfigArgs, SubordinateConfigPtr and SubordinateConfigPtrOutput values. You can construct a concrete instance of `SubordinateConfigPtrInput` via: 

        SubordinateConfigArgs{...}

or:

        nil

func SubordinateConfigPtr 

func SubordinateConfigPtr(v *SubordinateConfigArgs) SubordinateConfigPtrInput

type SubordinateConfigPtrOutput 

type SubordinateConfigPtrOutput struct{ *pulumi.OutputState }

func (SubordinateConfigPtrOutput) CertificateAuthority 

func (o SubordinateConfigPtrOutput) CertificateAuthority() pulumi.StringPtrOutput

This can refer to a CertificateAuthority that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (SubordinateConfigPtrOutput) Elem 

func (o SubordinateConfigPtrOutput) Elem() SubordinateConfigOutput

func (SubordinateConfigPtrOutput) ElementType 

func (SubordinateConfigPtrOutput) ElementType() reflect.Type

func (SubordinateConfigPtrOutput) PemIssuerChain 

func (o SubordinateConfigPtrOutput) PemIssuerChain() SubordinateConfigChainPtrOutput

Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.

func (SubordinateConfigPtrOutput) ToSubordinateConfigPtrOutput 

func (o SubordinateConfigPtrOutput) ToSubordinateConfigPtrOutput() SubordinateConfigPtrOutput

func (SubordinateConfigPtrOutput) ToSubordinateConfigPtrOutputWithContext 

func (o SubordinateConfigPtrOutput) ToSubordinateConfigPtrOutputWithContext(ctx context.Context) SubordinateConfigPtrOutput

type SubordinateConfigResponse 

type SubordinateConfigResponse struct {
	// This can refer to a CertificateAuthority that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.
	CertificateAuthority string `pulumi:"certificateAuthority"`
	// Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.
	PemIssuerChain SubordinateConfigChainResponse `pulumi:"pemIssuerChain"`
}

Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

type SubordinateConfigResponseOutput 

type SubordinateConfigResponseOutput struct{ *pulumi.OutputState }

Describes a subordinate CA's issuers. This is either a resource name to a known issuing CertificateAuthority, or a PEM issuer certificate chain.

func (SubordinateConfigResponseOutput) CertificateAuthority 

func (o SubordinateConfigResponseOutput) CertificateAuthority() pulumi.StringOutput

This can refer to a CertificateAuthority that was used to create a subordinate CertificateAuthority. This field is used for information and usability purposes only. The resource name is in the format `projects/*/locations/*/caPools/*/certificateAuthorities/*`.

func (SubordinateConfigResponseOutput) ElementType 

func (SubordinateConfigResponseOutput) ElementType() reflect.Type

func (SubordinateConfigResponseOutput) PemIssuerChain 

func (o SubordinateConfigResponseOutput) PemIssuerChain() SubordinateConfigChainResponseOutput

Contains the PEM certificate chain for the issuers of this CertificateAuthority, but not pem certificate for this CA itself.

func (SubordinateConfigResponseOutput) ToSubordinateConfigResponseOutput 

func (o SubordinateConfigResponseOutput) ToSubordinateConfigResponseOutput() SubordinateConfigResponseOutput

func (SubordinateConfigResponseOutput) ToSubordinateConfigResponseOutputWithContext 

func (o SubordinateConfigResponseOutput) ToSubordinateConfigResponseOutputWithContext(ctx context.Context) SubordinateConfigResponseOutput

type X509Extension 

type X509Extension struct {
	// Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
	Critical *bool `pulumi:"critical"`
	// The OID for this X.509 extension.
	ObjectId ObjectId `pulumi:"objectId"`
	// The value of this X.509 extension.
	Value string `pulumi:"value"`
}

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

type X509ExtensionArgs 

type X509ExtensionArgs struct {
	// Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
	Critical pulumi.BoolPtrInput `pulumi:"critical"`
	// The OID for this X.509 extension.
	ObjectId ObjectIdInput `pulumi:"objectId"`
	// The value of this X.509 extension.
	Value pulumi.StringInput `pulumi:"value"`
}

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

func (X509ExtensionArgs) ElementType 

func (X509ExtensionArgs) ElementType() reflect.Type

func (X509ExtensionArgs) ToX509ExtensionOutput 

func (i X509ExtensionArgs) ToX509ExtensionOutput() X509ExtensionOutput

func (X509ExtensionArgs) ToX509ExtensionOutputWithContext 

func (i X509ExtensionArgs) ToX509ExtensionOutputWithContext(ctx context.Context) X509ExtensionOutput

type X509ExtensionArray 

type X509ExtensionArray []X509ExtensionInput

func (X509ExtensionArray) ElementType 

func (X509ExtensionArray) ElementType() reflect.Type

func (X509ExtensionArray) ToX509ExtensionArrayOutput 

func (i X509ExtensionArray) ToX509ExtensionArrayOutput() X509ExtensionArrayOutput

func (X509ExtensionArray) ToX509ExtensionArrayOutputWithContext 

func (i X509ExtensionArray) ToX509ExtensionArrayOutputWithContext(ctx context.Context) X509ExtensionArrayOutput

type X509ExtensionArrayInput 

type X509ExtensionArrayInput interface {
	pulumi.Input

	ToX509ExtensionArrayOutput() X509ExtensionArrayOutput
	ToX509ExtensionArrayOutputWithContext(context.Context) X509ExtensionArrayOutput
}

X509ExtensionArrayInput is an input type that accepts X509ExtensionArray and X509ExtensionArrayOutput values. You can construct a concrete instance of `X509ExtensionArrayInput` via: 

X509ExtensionArray{ X509ExtensionArgs{...} }

type X509ExtensionArrayOutput 

type X509ExtensionArrayOutput struct{ *pulumi.OutputState }

func (X509ExtensionArrayOutput) ElementType 

func (X509ExtensionArrayOutput) ElementType() reflect.Type

func (X509ExtensionArrayOutput) Index 

func (o X509ExtensionArrayOutput) Index(i pulumi.IntInput) X509ExtensionOutput

func (X509ExtensionArrayOutput) ToX509ExtensionArrayOutput 

func (o X509ExtensionArrayOutput) ToX509ExtensionArrayOutput() X509ExtensionArrayOutput

func (X509ExtensionArrayOutput) ToX509ExtensionArrayOutputWithContext 

func (o X509ExtensionArrayOutput) ToX509ExtensionArrayOutputWithContext(ctx context.Context) X509ExtensionArrayOutput

type X509ExtensionInput 

type X509ExtensionInput interface {
	pulumi.Input

	ToX509ExtensionOutput() X509ExtensionOutput
	ToX509ExtensionOutputWithContext(context.Context) X509ExtensionOutput
}

X509ExtensionInput is an input type that accepts X509ExtensionArgs and X509ExtensionOutput values. You can construct a concrete instance of `X509ExtensionInput` via: 

X509ExtensionArgs{...}

type X509ExtensionOutput 

type X509ExtensionOutput struct{ *pulumi.OutputState }

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

func (X509ExtensionOutput) Critical 

func (o X509ExtensionOutput) Critical() pulumi.BoolPtrOutput

Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

func (X509ExtensionOutput) ElementType 

func (X509ExtensionOutput) ElementType() reflect.Type

func (X509ExtensionOutput) ObjectId 

func (o X509ExtensionOutput) ObjectId() ObjectIdOutput

The OID for this X.509 extension.

func (X509ExtensionOutput) ToX509ExtensionOutput 

func (o X509ExtensionOutput) ToX509ExtensionOutput() X509ExtensionOutput

func (X509ExtensionOutput) ToX509ExtensionOutputWithContext 

func (o X509ExtensionOutput) ToX509ExtensionOutputWithContext(ctx context.Context) X509ExtensionOutput

func (X509ExtensionOutput) Value 

func (o X509ExtensionOutput) Value() pulumi.StringOutput

The value of this X.509 extension.

type X509ExtensionResponse 

type X509ExtensionResponse struct {
	// Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
	Critical bool `pulumi:"critical"`
	// The OID for this X.509 extension.
	ObjectId ObjectIdResponse `pulumi:"objectId"`
	// The value of this X.509 extension.
	Value string `pulumi:"value"`
}

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

type X509ExtensionResponseArrayOutput 

type X509ExtensionResponseArrayOutput struct{ *pulumi.OutputState }

func (X509ExtensionResponseArrayOutput) ElementType 

func (X509ExtensionResponseArrayOutput) ElementType() reflect.Type

func (X509ExtensionResponseArrayOutput) Index 

func (o X509ExtensionResponseArrayOutput) Index(i pulumi.IntInput) X509ExtensionResponseOutput

func (X509ExtensionResponseArrayOutput) ToX509ExtensionResponseArrayOutput 

func (o X509ExtensionResponseArrayOutput) ToX509ExtensionResponseArrayOutput() X509ExtensionResponseArrayOutput

func (X509ExtensionResponseArrayOutput) ToX509ExtensionResponseArrayOutputWithContext 

func (o X509ExtensionResponseArrayOutput) ToX509ExtensionResponseArrayOutputWithContext(ctx context.Context) X509ExtensionResponseArrayOutput

type X509ExtensionResponseOutput 

type X509ExtensionResponseOutput struct{ *pulumi.OutputState }

An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.

func (X509ExtensionResponseOutput) Critical 

func (o X509ExtensionResponseOutput) Critical() pulumi.BoolOutput

Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).

func (X509ExtensionResponseOutput) ElementType 

func (X509ExtensionResponseOutput) ElementType() reflect.Type

func (X509ExtensionResponseOutput) ObjectId 

func (o X509ExtensionResponseOutput) ObjectId() ObjectIdResponseOutput

The OID for this X.509 extension.

func (X509ExtensionResponseOutput) ToX509ExtensionResponseOutput 

func (o X509ExtensionResponseOutput) ToX509ExtensionResponseOutput() X509ExtensionResponseOutput

func (X509ExtensionResponseOutput) ToX509ExtensionResponseOutputWithContext 

func (o X509ExtensionResponseOutput) ToX509ExtensionResponseOutputWithContext(ctx context.Context) X509ExtensionResponseOutput

func (X509ExtensionResponseOutput) Value 

func (o X509ExtensionResponseOutput) Value() pulumi.StringOutput

The value of this X.509 extension.

type X509Parameters 

type X509Parameters struct {
	// Optional. Describes custom X.509 extensions.
	AdditionalExtensions []X509Extension `pulumi:"additionalExtensions"`
	// Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
	AiaOcspServers []string `pulumi:"aiaOcspServers"`
	// Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
	CaOptions *CaOptions `pulumi:"caOptions"`
	// Optional. Indicates the intended use for keys that correspond to a certificate.
	KeyUsage *KeyUsage `pulumi:"keyUsage"`
	// Optional. Describes the X.509 name constraints extension.
	NameConstraints *NameConstraints `pulumi:"nameConstraints"`
	// Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
	PolicyIds []ObjectId `pulumi:"policyIds"`
}

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

type X509ParametersArgs 

type X509ParametersArgs struct {
	// Optional. Describes custom X.509 extensions.
	AdditionalExtensions X509ExtensionArrayInput `pulumi:"additionalExtensions"`
	// Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
	AiaOcspServers pulumi.StringArrayInput `pulumi:"aiaOcspServers"`
	// Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
	CaOptions CaOptionsPtrInput `pulumi:"caOptions"`
	// Optional. Indicates the intended use for keys that correspond to a certificate.
	KeyUsage KeyUsagePtrInput `pulumi:"keyUsage"`
	// Optional. Describes the X.509 name constraints extension.
	NameConstraints NameConstraintsPtrInput `pulumi:"nameConstraints"`
	// Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
	PolicyIds ObjectIdArrayInput `pulumi:"policyIds"`
}

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

func (X509ParametersArgs) ElementType 

func (X509ParametersArgs) ElementType() reflect.Type

func (X509ParametersArgs) ToX509ParametersOutput 

func (i X509ParametersArgs) ToX509ParametersOutput() X509ParametersOutput

func (X509ParametersArgs) ToX509ParametersOutputWithContext 

func (i X509ParametersArgs) ToX509ParametersOutputWithContext(ctx context.Context) X509ParametersOutput

func (X509ParametersArgs) ToX509ParametersPtrOutput 

func (i X509ParametersArgs) ToX509ParametersPtrOutput() X509ParametersPtrOutput

func (X509ParametersArgs) ToX509ParametersPtrOutputWithContext 

func (i X509ParametersArgs) ToX509ParametersPtrOutputWithContext(ctx context.Context) X509ParametersPtrOutput

type X509ParametersInput 

type X509ParametersInput interface {
	pulumi.Input

	ToX509ParametersOutput() X509ParametersOutput
	ToX509ParametersOutputWithContext(context.Context) X509ParametersOutput
}

X509ParametersInput is an input type that accepts X509ParametersArgs and X509ParametersOutput values. You can construct a concrete instance of `X509ParametersInput` via: 

X509ParametersArgs{...}

type X509ParametersOutput 

type X509ParametersOutput struct{ *pulumi.OutputState }

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

func (X509ParametersOutput) AdditionalExtensions 

func (o X509ParametersOutput) AdditionalExtensions() X509ExtensionArrayOutput

Optional. Describes custom X.509 extensions.

func (X509ParametersOutput) AiaOcspServers 

func (o X509ParametersOutput) AiaOcspServers() pulumi.StringArrayOutput

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

func (X509ParametersOutput) CaOptions 

func (o X509ParametersOutput) CaOptions() CaOptionsPtrOutput

Optional. Describes options in this X509Parameters that are relevant in a CA certificate.

func (X509ParametersOutput) ElementType 

func (X509ParametersOutput) ElementType() reflect.Type

func (X509ParametersOutput) KeyUsage 

func (o X509ParametersOutput) KeyUsage() KeyUsagePtrOutput

Optional. Indicates the intended use for keys that correspond to a certificate.

func (X509ParametersOutput) NameConstraints added in v0.29.0 

func (o X509ParametersOutput) NameConstraints() NameConstraintsPtrOutput

Optional. Describes the X.509 name constraints extension.

func (X509ParametersOutput) PolicyIds 

func (o X509ParametersOutput) PolicyIds() ObjectIdArrayOutput

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

func (X509ParametersOutput) ToX509ParametersOutput 

func (o X509ParametersOutput) ToX509ParametersOutput() X509ParametersOutput

func (X509ParametersOutput) ToX509ParametersOutputWithContext 

func (o X509ParametersOutput) ToX509ParametersOutputWithContext(ctx context.Context) X509ParametersOutput

func (X509ParametersOutput) ToX509ParametersPtrOutput 

func (o X509ParametersOutput) ToX509ParametersPtrOutput() X509ParametersPtrOutput

func (X509ParametersOutput) ToX509ParametersPtrOutputWithContext 

func (o X509ParametersOutput) ToX509ParametersPtrOutputWithContext(ctx context.Context) X509ParametersPtrOutput

type X509ParametersPtrInput 

type X509ParametersPtrInput interface {
	pulumi.Input

	ToX509ParametersPtrOutput() X509ParametersPtrOutput
	ToX509ParametersPtrOutputWithContext(context.Context) X509ParametersPtrOutput
}

X509ParametersPtrInput is an input type that accepts X509ParametersArgs, X509ParametersPtr and X509ParametersPtrOutput values. You can construct a concrete instance of `X509ParametersPtrInput` via: 

        X509ParametersArgs{...}

or:

        nil

func X509ParametersPtr 

func X509ParametersPtr(v *X509ParametersArgs) X509ParametersPtrInput

type X509ParametersPtrOutput 

type X509ParametersPtrOutput struct{ *pulumi.OutputState }

func (X509ParametersPtrOutput) AdditionalExtensions 

func (o X509ParametersPtrOutput) AdditionalExtensions() X509ExtensionArrayOutput

Optional. Describes custom X.509 extensions.

func (X509ParametersPtrOutput) AiaOcspServers 

func (o X509ParametersPtrOutput) AiaOcspServers() pulumi.StringArrayOutput

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

func (X509ParametersPtrOutput) CaOptions 

func (o X509ParametersPtrOutput) CaOptions() CaOptionsPtrOutput

Optional. Describes options in this X509Parameters that are relevant in a CA certificate.

func (X509ParametersPtrOutput) Elem 

func (o X509ParametersPtrOutput) Elem() X509ParametersOutput

func (X509ParametersPtrOutput) ElementType 

func (X509ParametersPtrOutput) ElementType() reflect.Type

func (X509ParametersPtrOutput) KeyUsage 

func (o X509ParametersPtrOutput) KeyUsage() KeyUsagePtrOutput

Optional. Indicates the intended use for keys that correspond to a certificate.

func (X509ParametersPtrOutput) NameConstraints added in v0.29.0 

func (o X509ParametersPtrOutput) NameConstraints() NameConstraintsPtrOutput

Optional. Describes the X.509 name constraints extension.

func (X509ParametersPtrOutput) PolicyIds 

func (o X509ParametersPtrOutput) PolicyIds() ObjectIdArrayOutput

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

func (X509ParametersPtrOutput) ToX509ParametersPtrOutput 

func (o X509ParametersPtrOutput) ToX509ParametersPtrOutput() X509ParametersPtrOutput

func (X509ParametersPtrOutput) ToX509ParametersPtrOutputWithContext 

func (o X509ParametersPtrOutput) ToX509ParametersPtrOutputWithContext(ctx context.Context) X509ParametersPtrOutput

type X509ParametersResponse 

type X509ParametersResponse struct {
	// Optional. Describes custom X.509 extensions.
	AdditionalExtensions []X509ExtensionResponse `pulumi:"additionalExtensions"`
	// Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.
	AiaOcspServers []string `pulumi:"aiaOcspServers"`
	// Optional. Describes options in this X509Parameters that are relevant in a CA certificate.
	CaOptions CaOptionsResponse `pulumi:"caOptions"`
	// Optional. Indicates the intended use for keys that correspond to a certificate.
	KeyUsage KeyUsageResponse `pulumi:"keyUsage"`
	// Optional. Describes the X.509 name constraints extension.
	NameConstraints NameConstraintsResponse `pulumi:"nameConstraints"`
	// Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.
	PolicyIds []ObjectIdResponse `pulumi:"policyIds"`
}

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

type X509ParametersResponseOutput 

type X509ParametersResponseOutput struct{ *pulumi.OutputState }

An X509Parameters is used to describe certain fields of an X.509 certificate, such as the key usage fields, fields specific to CA certificates, certificate policy extensions and custom extensions.

func (X509ParametersResponseOutput) AdditionalExtensions 

func (o X509ParametersResponseOutput) AdditionalExtensions() X509ExtensionResponseArrayOutput

Optional. Describes custom X.509 extensions.

func (X509ParametersResponseOutput) AiaOcspServers 

func (o X509ParametersResponseOutput) AiaOcspServers() pulumi.StringArrayOutput

Optional. Describes Online Certificate Status Protocol (OCSP) endpoint addresses that appear in the "Authority Information Access" extension in the certificate.

func (X509ParametersResponseOutput) CaOptions 

func (o X509ParametersResponseOutput) CaOptions() CaOptionsResponseOutput

Optional. Describes options in this X509Parameters that are relevant in a CA certificate.

func (X509ParametersResponseOutput) ElementType 

func (X509ParametersResponseOutput) ElementType() reflect.Type

func (X509ParametersResponseOutput) KeyUsage 

func (o X509ParametersResponseOutput) KeyUsage() KeyUsageResponseOutput

Optional. Indicates the intended use for keys that correspond to a certificate.

func (X509ParametersResponseOutput) NameConstraints added in v0.29.0 

func (o X509ParametersResponseOutput) NameConstraints() NameConstraintsResponseOutput

Optional. Describes the X.509 name constraints extension.

func (X509ParametersResponseOutput) PolicyIds 

func (o X509ParametersResponseOutput) PolicyIds() ObjectIdResponseArrayOutput

Optional. Describes the X.509 certificate policy object identifiers, per https://tools.ietf.org/html/rfc5280#section-4.2.1.4.

func (X509ParametersResponseOutput) ToX509ParametersResponseOutput 

func (o X509ParametersResponseOutput) ToX509ParametersResponseOutput() X509ParametersResponseOutput

func (X509ParametersResponseOutput) ToX509ParametersResponseOutputWithContext 

func (o X509ParametersResponseOutput) ToX509ParametersResponseOutputWithContext(ctx context.Context) X509ParametersResponseOutput

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.