Yandex.Cloud
  • Services
  • Why Yandex.Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Yandex Identity and Access Management
  • Getting started
    • How to manage access to resources
    • How to work with service accounts
  • Step-by-step instructions
    • All instructions
    • Users
      • Adding users
      • Getting user ID or email
      • Deleting a user
    • Service accounts
      • Creating a service account
      • Updating a service account
      • Assigning roles to a service account
      • Setting up access rights for a service account
      • Creating static access keys
      • Getting the service account ID
      • Deleting service accounts
    • Identity federations
      • Authentication using Active Directory
      • Authentication using G Suite
      • Authentication using an identity federation
      • Adding users
    • Roles
      • Assigning roles
      • Viewing assigned roles
      • Revoking roles
    • IAM tokens
      • Getting an IAM token for a Yandex account
      • Getting an IAM token for a service account
      • Getting an IAM token for a federated account
    • Keys
      • Creating API keys
      • Deleting API keys
      • Creating authorized keys
  • Concepts
    • Overview
    • How access management works
      • Overview
      • Roles
      • System groups
      • Resources that roles can be assigned for
    • Authorization
      • Overview
      • IAM token
      • OAuth token
      • API key
      • Authorized keys
      • AWS-compatible access keys
    • Service accounts
    • SAML-compatible identity federations
    • Quotas and limits
  • How to use Yandex.Cloud securely
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • ApiKeyService
      • IamTokenService
      • KeyService
      • RoleService
      • ServiceAccountService
      • UserAccountService
      • YandexPassportUserAccountService
      • AccessKeyService
      • CertificateService
      • FederationService
      • OperationService
    • REST
      • Overview
      • ApiKey
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • IamToken
        • Overview
        • create
      • Key
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • Role
        • Overview
        • get
        • list
      • ServiceAccount
        • Overview
        • create
        • delete
        • get
        • list
        • listAccessBindings
        • listOperations
        • setAccessBindings
        • update
        • updateAccessBindings
      • UserAccount
        • Overview
        • get
      • YandexPassportUserAccount
        • Overview
        • getByLogin
      • Operation
        • Overview
        • get
      • Federation
        • Overview
        • update
        • list
        • listUserAccounts
        • get
        • delete
        • addUserAccounts
        • create
        • listOperations
      • Certificate
        • Overview
        • update
        • list
        • get
        • delete
        • create
        • listOperations
      • AccessKey
        • Overview
        • update
        • list
        • get
        • delete
        • create
        • listOperations
  • Questions and answers
    • General questions
    • Logging in and accessing resources
    • All questions on the same page
  1. API reference
  2. gRPC
  3. CertificateService

CertificateService

  • Calls CertificateService
  • Get
    • GetCertificateRequest
    • Certificate
  • List
    • ListCertificatesRequest
    • ListCertificatesResponse
    • Certificate
  • Create
    • CreateCertificateRequest
    • Operation
    • CreateCertificateMetadata
    • Certificate
  • Update
    • UpdateCertificateRequest
    • Operation
    • UpdateCertificateMetadata
    • Certificate
  • Delete
    • DeleteCertificateRequest
    • Operation
    • DeleteCertificateMetadata
  • ListOperations
    • ListCertificateOperationsRequest
    • ListCertificateOperationsResponse
    • Operation

A set of methods for managing certificates.

Call Description
Get Returns the specified certificate.
List Retrieves the list of certificates in the specified federation.
Create Creates a certificate in the specified federation.
Update Updates the specified certificate.
Delete Deletes the specified certificate.
ListOperations Lists operations for the specified certificate.

Calls CertificateService

Get

Returns the specified certificate.
To get the list of available certificates, make a List request.

rpc Get (GetCertificateRequest) returns (Certificate)

GetCertificateRequest

Field Description
certificate_id string
ID of the certificate to return. To get the certificate ID, make a CertificateService.List request. The maximum string length in characters is 50.

Certificate

Field Description
id string
Required. ID of the certificate. The maximum string length in characters is 50.
federation_id string
Required. ID of the federation that the certificate belongs to. The maximum string length in characters is 50.
name string
Name of the certificate. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9].
description string
Description of the certificate. The maximum string length in characters is 256.
created_at google.protobuf.Timestamp
Creation timestamp.
data string
Required. Certificate data in PEM format. The maximum string length in characters is 32000.

List

Retrieves the list of certificates in the specified federation.

rpc List (ListCertificatesRequest) returns (ListCertificatesResponse)

ListCertificatesRequest

Field Description
federation_id string
Required. ID of the federation to list certificates in. To get the federation ID make a yandex.cloud.iam.v1.saml.FederationService.List request. The maximum string length in characters is 50.
page_size int64
The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListCertificatesResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive.
page_token string
Page token. To get the next page of results, set page_token to the ListCertificatesResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100.
filter string
  1. The field name. Currently you can use filtering only on Certificate.name field.
  2. An operator. Can be either = or != for single values, IN or NOT IN for lists of values.
  3. The value. Must be 3-63 characters long and match the regular expression ^[a-z][-a-z0-9]{1,61}[a-z0-9]$.
The maximum string length in characters is 1000.

ListCertificatesResponse

Field Description
certificates[] Certificate
List of certificates.
next_page_token string
This token allows you to get the next page of results for list requests. If the number of results is larger than ListCertificatesRequest.page_size, use the next_page_token as the value for the ListCertificatesRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results.

Certificate

Field Description
id string
Required. ID of the certificate. The maximum string length in characters is 50.
federation_id string
Required. ID of the federation that the certificate belongs to. The maximum string length in characters is 50.
name string
Name of the certificate. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9].
description string
Description of the certificate. The maximum string length in characters is 256.
created_at google.protobuf.Timestamp
Creation timestamp.
data string
Required. Certificate data in PEM format. The maximum string length in characters is 32000.

Create

Creates a certificate in the specified federation.

rpc Create (CreateCertificateRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:CreateCertificateMetadata

    Operation.response:Certificate

CreateCertificateRequest

Field Description
federation_id string
ID of the federation to add new certificate. To get the federation ID make a yandex.cloud.iam.v1.saml.FederationService.List request. The maximum string length in characters is 50.
name string
Name of the certificate. The name must be unique within the federation. Value must match the regular expression [a-z]([-a-z0-9]{0,61}[a-z0-9])?.
description string
Description of the certificate. The maximum string length in characters is 256.
data string
Certificate data in PEM format. The maximum string length in characters is 32000.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<CreateCertificateMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<Certificate>
if operation finished successfully.

CreateCertificateMetadata

Field Description
certificate_id string
ID of the certificate that is being created.

Certificate

Field Description
id string
Required. ID of the certificate. The maximum string length in characters is 50.
federation_id string
Required. ID of the federation that the certificate belongs to. The maximum string length in characters is 50.
name string
Name of the certificate. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9].
description string
Description of the certificate. The maximum string length in characters is 256.
created_at google.protobuf.Timestamp
Creation timestamp.
data string
Required. Certificate data in PEM format. The maximum string length in characters is 32000.

Update

Updates the specified certificate.

rpc Update (UpdateCertificateRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:UpdateCertificateMetadata

    Operation.response:Certificate

UpdateCertificateRequest

Field Description
certificate_id string
ID of the certificate to update. To get the certificate ID, make a CertificateService.List request. The maximum string length in characters is 50.
update_mask google.protobuf.FieldMask
Field mask that specifies which fields of the certificate are going to be updated.
name string
Name of the certificate. The name must be unique within the federation. Value must match the regular expression |[a-z]([-a-z0-9]{0,61}[a-z0-9])?.
description string
Description of the certificate. The maximum string length in characters is 256.
data string
Certificate data in PEM format. The maximum string length in characters is 32000.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<UpdateCertificateMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<Certificate>
if operation finished successfully.

UpdateCertificateMetadata

Field Description
certificate_id string
ID of the certificate that is being updated.

Certificate

Field Description
id string
Required. ID of the certificate. The maximum string length in characters is 50.
federation_id string
Required. ID of the federation that the certificate belongs to. The maximum string length in characters is 50.
name string
Name of the certificate. Value must match the regular expression |[a-z][-a-z0-9]{1,61}[a-z0-9].
description string
Description of the certificate. The maximum string length in characters is 256.
created_at google.protobuf.Timestamp
Creation timestamp.
data string
Required. Certificate data in PEM format. The maximum string length in characters is 32000.

Delete

Deletes the specified certificate.

rpc Delete (DeleteCertificateRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:DeleteCertificateMetadata

    Operation.response:google.protobuf.Empty

DeleteCertificateRequest

Field Description
certificate_id string
ID of the certificate to delete. To get the certificate ID, make a CertificateService.List request. The maximum string length in characters is 50.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any<DeleteCertificateMetadata>
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any<google.protobuf.Empty>
if operation finished successfully.

DeleteCertificateMetadata

Field Description
certificate_id string
ID of the certificate that is being deleted.

ListOperations

Lists operations for the specified certificate.

rpc ListOperations (ListCertificateOperationsRequest) returns (ListCertificateOperationsResponse)

ListCertificateOperationsRequest

Field Description
certificate_id string
ID of the certificate to list operations for. The maximum string length in characters is 50.
page_size int64
The maximum number of results per page to return. If the number of available results is larger than page_size, the service returns a ListCertificateOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. Acceptable values are 0 to 1000, inclusive.
page_token string
Page token. To get the next page of results, set page_token to the ListCertificateOperationsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100.

ListCertificateOperationsResponse

Field Description
operations[] operation.Operation
List of operations for the specified certificate.
next_page_token string
This token allows you to get the next page of results for list requests. If the number of results is larger than ListCertificateOperationsRequest.page_size, use the next_page_token as the value for the ListCertificateOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results.

Operation

Field Description
id string
ID of the operation.
description string
Description of the operation. 0-256 characters long.
created_at google.protobuf.Timestamp
Creation timestamp.
created_by string
ID of the user or service account who initiated the operation.
modified_at google.protobuf.Timestamp
The time when the Operation resource was last modified.
done bool
If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata google.protobuf.Any
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result oneof: error or response
The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
  error google.rpc.Status
The error result of the operation in case of failure or cancellation.
  response google.protobuf.Any
The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.
In this article:
  • Calls CertificateService
  • Get
  • GetCertificateRequest
  • Certificate
  • List
  • ListCertificatesRequest
  • ListCertificatesResponse
  • Certificate
  • Create
  • CreateCertificateRequest
  • Operation
  • CreateCertificateMetadata
  • Certificate
  • Update
  • UpdateCertificateRequest
  • Operation
  • UpdateCertificateMetadata
  • Certificate
  • Delete
  • DeleteCertificateRequest
  • Operation
  • DeleteCertificateMetadata
  • ListOperations
  • ListCertificateOperationsRequest
  • ListCertificateOperationsResponse
  • Operation
Language
Careers
Privacy policy
Terms of use
© 2021 Yandex.Cloud LLC