trust_configs
Creates, updates, deletes, gets or lists a trust_configs resource.
Overview
| Name | trust_configs |
| Type | Resource |
| Id | google.certificatemanager.trust_configs |
Fields
The following fields are returned by SELECT queries:
- get
- list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. A user-defined name of the trust config. TrustConfig names must be unique globally and match pattern projects/*/locations/*/trustConfigs/*. |
allowlistedCertificates | array | Optional. A certificate matching an allowlisted certificate is always considered valid as long as the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met. |
createTime | string (google-datetime) | Output only. The creation timestamp of a TrustConfig. |
description | string | Optional. One or more paragraphs of text description of a TrustConfig. |
etag | string | This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. |
labels | object | Optional. Set of labels associated with a TrustConfig. |
trustStores | array | Optional. Set of trust stores to perform validation against. This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. Only one TrustStore specified is currently allowed. |
updateTime | string (google-datetime) | Output only. The last update timestamp of a TrustConfig. |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Identifier. A user-defined name of the trust config. TrustConfig names must be unique globally and match pattern projects/*/locations/*/trustConfigs/*. |
allowlistedCertificates | array | Optional. A certificate matching an allowlisted certificate is always considered valid as long as the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met. |
createTime | string (google-datetime) | Output only. The creation timestamp of a TrustConfig. |
description | string | Optional. One or more paragraphs of text description of a TrustConfig. |
etag | string | This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. |
labels | object | Optional. Set of labels associated with a TrustConfig. |
trustStores | array | Optional. Set of trust stores to perform validation against. This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. Only one TrustStore specified is currently allowed. |
updateTime | string (google-datetime) | Output only. The last update timestamp of a TrustConfig. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get | select | projectsId, locationsId, trustConfigsId | Gets details of a single TrustConfig. | |
list | select | projectsId, locationsId | pageSize, pageToken, filter, orderBy | Lists TrustConfigs in a given project and location. |
create | insert | projectsId, locationsId | trustConfigId | Creates a new TrustConfig in a given project and location. |
patch | update | projectsId, locationsId, trustConfigsId | updateMask | Updates a TrustConfig. |
delete | delete | projectsId, locationsId, trustConfigsId | etag | Deletes a single TrustConfig. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
locationsId | string | |
projectsId | string | |
trustConfigsId | string | |
etag | string | |
filter | string | |
orderBy | string | |
pageSize | integer (int32) | |
pageToken | string | |
trustConfigId | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- get
- list
Gets details of a single TrustConfig.
SELECT
name,
allowlistedCertificates,
createTime,
description,
etag,
labels,
trustStores,
updateTime
FROM google.certificatemanager.trust_configs
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND trustConfigsId = '{{ trustConfigsId }}' -- required;
Lists TrustConfigs in a given project and location.
SELECT
name,
allowlistedCertificates,
createTime,
description,
etag,
labels,
trustStores,
updateTime
FROM google.certificatemanager.trust_configs
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}'
AND orderBy = '{{ orderBy }}';
INSERT examples
- create
- Manifest
Creates a new TrustConfig in a given project and location.
INSERT INTO google.certificatemanager.trust_configs (
data__name,
data__labels,
data__description,
data__etag,
data__trustStores,
data__allowlistedCertificates,
projectsId,
locationsId,
trustConfigId
)
SELECT
'{{ name }}',
'{{ labels }}',
'{{ description }}',
'{{ etag }}',
'{{ trustStores }}',
'{{ allowlistedCertificates }}',
'{{ projectsId }}',
'{{ locationsId }}',
'{{ trustConfigId }}'
RETURNING
name,
done,
error,
metadata,
response
;
# Description fields are for documentation purposes
- name: trust_configs
props:
- name: projectsId
value: string
description: Required parameter for the trust_configs resource.
- name: locationsId
value: string
description: Required parameter for the trust_configs resource.
- name: name
value: string
description: >
Identifier. A user-defined name of the trust config. TrustConfig names must be unique globally and match pattern `projects/*/locations/*/trustConfigs/*`.
- name: labels
value: object
description: >
Optional. Set of labels associated with a TrustConfig.
- name: description
value: string
description: >
Optional. One or more paragraphs of text description of a TrustConfig.
- name: etag
value: string
description: >
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- name: trustStores
value: array
description: >
Optional. Set of trust stores to perform validation against. This field is supported when TrustConfig is configured with Load Balancers, currently not supported for SPIFFE certificate validation. Only one TrustStore specified is currently allowed.
- name: allowlistedCertificates
value: array
description: >
Optional. A certificate matching an allowlisted certificate is always considered valid as long as the certificate is parseable, proof of private key possession is established, and constraints on the certificate's SAN field are met.
- name: trustConfigId
value: string
UPDATE examples
- patch
Updates a TrustConfig.
UPDATE google.certificatemanager.trust_configs
SET
data__name = '{{ name }}',
data__labels = '{{ labels }}',
data__description = '{{ description }}',
data__etag = '{{ etag }}',
data__trustStores = '{{ trustStores }}',
data__allowlistedCertificates = '{{ allowlistedCertificates }}'
WHERE
projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND trustConfigsId = '{{ trustConfigsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;
DELETE examples
- delete
Deletes a single TrustConfig.
DELETE FROM google.certificatemanager.trust_configs
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND trustConfigsId = '{{ trustConfigsId }}' --required
AND etag = '{{ etag }}';