certificate_templates

Creates, updates, deletes, gets or lists a certificate_templates resource.

Overview

Name	`certificate_templates`
Type	Resource
Id	`google.privateca.certificate_templates`

Fields

The following fields are returned by SELECT queries:

get
list

Successful response

Name	Datatype	Description
`name`	`string`	Identifier. The resource name for this CertificateTemplate in the format `projects//locations//certificateTemplates/*`.
`createTime`	`string (google-datetime)`	Output only. The time at which this CertificateTemplate was created.
`description`	`string`	Optional. A human-readable description of scenarios this template is intended for.
`identityConstraints`	`object`	Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity. (id: CertificateIdentityConstraints)
`labels`	`object`	Optional. Labels with user-defined metadata.
`maximumLifetime`	`string (google-duration)`	Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool resource's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
`passthroughExtensions`	`object`	Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values. (id: CertificateExtensionConstraints)
`predefinedValues`	`object`	Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail. (id: X509Parameters)
`updateTime`	`string (google-datetime)`	Output only. The time at which this CertificateTemplate was updated.

Successful response

Name	Datatype	Description
`name`	`string`	Identifier. The resource name for this CertificateTemplate in the format `projects//locations//certificateTemplates/*`.
`createTime`	`string (google-datetime)`	Output only. The time at which this CertificateTemplate was created.
`description`	`string`	Optional. A human-readable description of scenarios this template is intended for.
`identityConstraints`	`object`	Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity. (id: CertificateIdentityConstraints)
`labels`	`object`	Optional. Labels with user-defined metadata.
`maximumLifetime`	`string (google-duration)`	Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool resource's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
`passthroughExtensions`	`object`	Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values. (id: CertificateExtensionConstraints)
`predefinedValues`	`object`	Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail. (id: X509Parameters)
`updateTime`	`string (google-datetime)`	Output only. The time at which this CertificateTemplate was updated.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`get`	`select`	`projectsId`, `locationsId`, `certificateTemplatesId`		Returns a CertificateTemplate.
`list`	`select`	`projectsId`, `locationsId`	`pageSize`, `pageToken`, `filter`, `orderBy`	Lists CertificateTemplates.
`create`	`insert`	`projectsId`, `locationsId`	`certificateTemplateId`, `requestId`	Create a new CertificateTemplate in a given Project and Location.
`patch`	`update`	`projectsId`, `locationsId`, `certificateTemplatesId`	`updateMask`, `requestId`	Update a CertificateTemplate.
`delete`	`delete`	`projectsId`, `locationsId`, `certificateTemplatesId`	`requestId`	DeleteCertificateTemplate deletes a CertificateTemplate.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`certificateTemplatesId`	`string`
`locationsId`	`string`
`projectsId`	`string`
`certificateTemplateId`	`string`
`filter`	`string`
`orderBy`	`string`
`pageSize`	`integer (int32)`
`pageToken`	`string`
`requestId`	`string`
`updateMask`	`string (google-fieldmask)`

`SELECT` examples

get
list

Returns a CertificateTemplate.

SELECT
name,
createTime,
description,
identityConstraints,
labels,
maximumLifetime,
passthroughExtensions,
predefinedValues,
updateTime
FROM google.privateca.certificate_templates
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND certificateTemplatesId = '{{ certificateTemplatesId }}' -- required;

Lists CertificateTemplates.

SELECT
name,
createTime,
description,
identityConstraints,
labels,
maximumLifetime,
passthroughExtensions,
predefinedValues,
updateTime
FROM google.privateca.certificate_templates
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}'
AND orderBy = '{{ orderBy }}';

`INSERT` examples

create
Manifest

Create a new CertificateTemplate in a given Project and Location.

INSERT INTO google.privateca.certificate_templates (
data__name,
data__maximumLifetime,
data__predefinedValues,
data__identityConstraints,
data__passthroughExtensions,
data__description,
data__labels,
projectsId,
locationsId,
certificateTemplateId,
requestId
)
SELECT 
'{{ name }}',
'{{ maximumLifetime }}',
'{{ predefinedValues }}',
'{{ identityConstraints }}',
'{{ passthroughExtensions }}',
'{{ description }}',
'{{ labels }}',
'{{ projectsId }}',
'{{ locationsId }}',
'{{ certificateTemplateId }}',
'{{ requestId }}'
RETURNING
name,
done,
error,
metadata,
response
;

# Description fields are for documentation purposes
- name: certificate_templates
  props:
    - name: projectsId
      value: string
      description: Required parameter for the certificate_templates resource.
    - name: locationsId
      value: string
      description: Required parameter for the certificate_templates resource.
    - name: name
      value: string
      description: >
        Identifier. The resource name for this CertificateTemplate in the format `projects/*/locations/*/certificateTemplates/*`.
        
    - name: maximumLifetime
      value: string
      description: >
        Optional. The maximum lifetime allowed for issued Certificates that use this template. If the issuing CaPool resource's IssuancePolicy specifies a maximum_lifetime the minimum of the two durations will be the maximum lifetime for issued Certificates. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
        
    - name: predefinedValues
      value: object
      description: >
        Optional. A set of X.509 values that will be applied to all issued certificates that use this template. If the certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If the issuing CaPool's IssuancePolicy defines conflicting baseline_values for the same properties, the certificate issuance request will fail.
        
    - name: identityConstraints
      value: object
      description: >
        Optional. Describes constraints on identities that may be appear in Certificates issued using this template. If this is omitted, then this template will not add restrictions on a certificate's identity.
        
    - name: passthroughExtensions
      value: object
      description: >
        Optional. Describes the set of X.509 extensions that may appear in a Certificate issued using this CertificateTemplate. If a certificate request sets extensions that don't appear in the passthrough_extensions, those extensions will be dropped. If the issuing CaPool's IssuancePolicy defines baseline_values that don't appear here, the certificate issuance request will fail. If this is omitted, then this template will not add restrictions on a certificate's X.509 extensions. These constraints do not apply to X.509 extensions set in this CertificateTemplate's predefined_values.
        
    - name: description
      value: string
      description: >
        Optional. A human-readable description of scenarios this template is intended for.
        
    - name: labels
      value: object
      description: >
        Optional. Labels with user-defined metadata.
        
    - name: certificateTemplateId
      value: string
    - name: requestId
      value: string

`UPDATE` examples

patch

Update a CertificateTemplate.

UPDATE google.privateca.certificate_templates
SET 
data__name = '{{ name }}',
data__maximumLifetime = '{{ maximumLifetime }}',
data__predefinedValues = '{{ predefinedValues }}',
data__identityConstraints = '{{ identityConstraints }}',
data__passthroughExtensions = '{{ passthroughExtensions }}',
data__description = '{{ description }}',
data__labels = '{{ labels }}'
WHERE 
projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND certificateTemplatesId = '{{ certificateTemplatesId }}' --required
AND updateMask = '{{ updateMask}}'
AND requestId = '{{ requestId}}'
RETURNING
name,
done,
error,
metadata,
response;

`DELETE` examples

delete

DeleteCertificateTemplate deletes a CertificateTemplate.

DELETE FROM google.privateca.certificate_templates
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND certificateTemplatesId = '{{ certificateTemplatesId }}' --required
AND requestId = '{{ requestId }}';

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

UPDATE examples​

DELETE examples​