Certificate Manager API, gRPC: CertificateService
A set of methods for managing certificates.
Call | Description |
---|---|
Get | Returns the specified certificate. |
List | Returns the list of certificates in the specified folder. |
ListVersions | |
Create | Creates a certificate in the specified folder. |
Update | Updates the specified certificate. |
Delete | Deletes the specified certificate. |
RequestNew | Request a certificate in the specified folder. |
ListOperations | Lists operations for the specified certificate. |
ListAccessBindings | Lists existing access bindings for the specified certificate. |
SetAccessBindings | Sets access bindings for the certificate. |
UpdateAccessBindings | Updates access bindings for the specified certificate. |
Calls CertificateService
Get
Returns the specified certificate.
To get the list of available certificates, make a List request.
rpc Get (GetCertificateRequest) returns (Certificate)
GetCertificateRequest
Field | Description |
---|---|
certificate_id | string Required. ID of the certificate to return. To get the ID of a certificate use a CertificateService.List request. The maximum string length in characters is 50. |
view | enum CertificateView The output type of the certificate.
|
Certificate
Field | Description |
---|---|
id | string ID of the certificate. Generated at creation time. |
folder_id | string ID of the folder that the certificate belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the certificate. The name is unique within the folder. |
description | string Description of the certificate. |
labels | map<string,string> Certificate labels as key:value pairs. |
type | enum CertificateType Type of the certificate.
|
domains[] | string Fully qualified domain names of the certificate. |
status | enum Status Status of the certificate.
|
issuer | string Distinguished Name |
subject | string Distinguished Name |
serial | string Serial number of the certificate. |
updated_at | google.protobuf.Timestamp Time when the certificate is updated. |
issued_at | google.protobuf.Timestamp Time when the certificate is issued. |
not_after | google.protobuf.Timestamp Time after which the certificate is not valid. |
not_before | google.protobuf.Timestamp Time before which the certificate is not valid. |
challenges[] | Challenge Domains validation challenges of the certificate. Used only for managed certificates. |
deletion_protection | bool Flag that protects deletion of the certificate |
incomplete_chain | bool Mark imported certificates without uploaded chain or with chain which not lead to root certificate |
Challenge
Field | Description |
---|---|
domain | string Domain of the challenge. |
type | enum ChallengeType Type of the challenge.
|
created_at | google.protobuf.Timestamp Time when the challenge is created. |
updated_at | google.protobuf.Timestamp Time when the challenge is updated. |
status | enum Status Status of the challenge.
|
message | string Description of the challenge. |
error | string Error of the challenge. |
challenge | oneof: dns_challenge or http_challenge Data of the challenge. |
dns_challenge | DnsRecord DNS-record. |
http_challenge | HttpFile HTTP-file. |
DnsRecord
Field | Description |
---|---|
name | string Name of the DNS record. |
type | string Type of the DNS-record. |
value | string Value of the DNS-record. |
HttpFile
Field | Description |
---|---|
url | string Location of the HTTP file. |
content | string Content of the HTTP file. |
List
Returns the list of certificates in the specified folder.
rpc List (ListCertificatesRequest) returns (ListCertificatesResponse)
ListCertificatesRequest
Field | Description |
---|---|
folder_id | string Required. ID of the folder to list certificate in. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page to return. If the number of available results is larger than page_size , the service returns a ListCertificatesResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
page_token | string Page token. To get the next page of results, set page_token to the ListCertificatesResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100. |
view | enum CertificateView The output type of the certificate.
|
ListCertificatesResponse
Field | Description |
---|---|
certificates[] | Certificate List of certificates in the specified folder. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is greater than the specified ListCertificatesRequest.page_size, use the next_page_token as the value for the ListCertificatesRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Certificate
Field | Description |
---|---|
id | string ID of the certificate. Generated at creation time. |
folder_id | string ID of the folder that the certificate belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the certificate. The name is unique within the folder. |
description | string Description of the certificate. |
labels | map<string,string> Certificate labels as key:value pairs. |
type | enum CertificateType Type of the certificate.
|
domains[] | string Fully qualified domain names of the certificate. |
status | enum Status Status of the certificate.
|
issuer | string Distinguished Name |
subject | string Distinguished Name |
serial | string Serial number of the certificate. |
updated_at | google.protobuf.Timestamp Time when the certificate is updated. |
issued_at | google.protobuf.Timestamp Time when the certificate is issued. |
not_after | google.protobuf.Timestamp Time after which the certificate is not valid. |
not_before | google.protobuf.Timestamp Time before which the certificate is not valid. |
challenges[] | Challenge Domains validation challenges of the certificate. Used only for managed certificates. |
deletion_protection | bool Flag that protects deletion of the certificate |
incomplete_chain | bool Mark imported certificates without uploaded chain or with chain which not lead to root certificate |
Challenge
Field | Description |
---|---|
domain | string Domain of the challenge. |
type | enum ChallengeType Type of the challenge.
|
created_at | google.protobuf.Timestamp Time when the challenge is created. |
updated_at | google.protobuf.Timestamp Time when the challenge is updated. |
status | enum Status Status of the challenge.
|
message | string Description of the challenge. |
error | string Error of the challenge. |
challenge | oneof: dns_challenge or http_challenge Data of the challenge. |
dns_challenge | DnsRecord DNS-record. |
http_challenge | HttpFile HTTP-file. |
DnsRecord
Field | Description |
---|---|
name | string Name of the DNS record. |
type | string Type of the DNS-record. |
value | string Value of the DNS-record. |
HttpFile
Field | Description |
---|---|
url | string Location of the HTTP file. |
content | string Content of the HTTP file. |
ListVersions
rpc ListVersions (ListVersionsRequest) returns (ListVersionsResponse)
ListVersionsRequest
Field | Description |
---|---|
certificate_id | string Required. ID of the certificate to list versions for. The maximum string length in characters is 50. |
page_size | int64 Page token. To get the next page of results, set page_token to the ListCertificatesResponse.next_page_token returned by a previous list request. The maximum value is 1000. |
page_token | string Page token. To get the next page of results, set page_token to the ListCertificatesResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100. |
ListVersionsResponse
Field | Description |
---|---|
versions[] | Version List of versions for the specified certificate. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is greater than the specified ListCertificatesRequest.page_size, use the next_page_token as the value for the ListCertificatesRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Version
Field | Description |
---|---|
id | string ID of the version. |
certificate_id | string ID of the certificate that the version belongs to. |
created_at | google.protobuf.Timestamp Time when the version was created. |
Create
Creates a certificate in the specified folder.
rpc Create (CreateCertificateRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:CreateCertificateMetadata
Operation.response:Certificate
CreateCertificateRequest
Field | Description |
---|---|
folder_id | string Required. ID of the folder to create a certificate in. The maximum string length in characters is 50. |
name | string Name of the certificate. The name must be unique within the folder. Value must match the regular expression |[a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string Description of the certificate. The maximum string length in characters is 1024. |
labels | map<string,string> Labels for the certificate as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]* . The maximum string length in characters for each key is 63. Each key must match the regular expression [a-z][-_0-9a-z]* . |
certificate | string PEM-encoded certificate content of the certificate. The maximum string length in characters is 32768. |
chain | string PEM-encoded certificate chain content of the certificate. The maximum string length in characters is 2097152. |
private_key | string Required. PEM-encoded private key content of the certificate. The string length in characters must be 1-524288. |
deletion_protection | bool Flag that protects deletion of the certificate |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
CreateCertificateMetadata
Field | Description |
---|---|
certificate_id | string ID of the certificate being created. |
Certificate
Field | Description |
---|---|
id | string ID of the certificate. Generated at creation time. |
folder_id | string ID of the folder that the certificate belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the certificate. The name is unique within the folder. |
description | string Description of the certificate. |
labels | map<string,string> Certificate labels as key:value pairs. |
type | enum CertificateType Type of the certificate.
|
domains[] | string Fully qualified domain names of the certificate. |
status | enum Status Status of the certificate.
|
issuer | string Distinguished Name |
subject | string Distinguished Name |
serial | string Serial number of the certificate. |
updated_at | google.protobuf.Timestamp Time when the certificate is updated. |
issued_at | google.protobuf.Timestamp Time when the certificate is issued. |
not_after | google.protobuf.Timestamp Time after which the certificate is not valid. |
not_before | google.protobuf.Timestamp Time before which the certificate is not valid. |
challenges[] | Challenge Domains validation challenges of the certificate. Used only for managed certificates. |
deletion_protection | bool Flag that protects deletion of the certificate |
incomplete_chain | bool Mark imported certificates without uploaded chain or with chain which not lead to root certificate |
Challenge
Field | Description |
---|---|
domain | string Domain of the challenge. |
type | enum ChallengeType Type of the challenge.
|
created_at | google.protobuf.Timestamp Time when the challenge is created. |
updated_at | google.protobuf.Timestamp Time when the challenge is updated. |
status | enum Status Status of the challenge.
|
message | string Description of the challenge. |
error | string Error of the challenge. |
challenge | oneof: dns_challenge or http_challenge Data of the challenge. |
dns_challenge | DnsRecord DNS-record. |
http_challenge | HttpFile HTTP-file. |
DnsRecord
Field | Description |
---|---|
name | string Name of the DNS record. |
type | string Type of the DNS-record. |
value | string Value of the DNS-record. |
HttpFile
Field | Description |
---|---|
url | string Location of the HTTP file. |
content | string Content of the HTTP file. |
Update
Updates the specified certificate.
rpc Update (UpdateCertificateRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateCertificateMetadata
Operation.response:Certificate
UpdateCertificateRequest
Field | Description |
---|---|
certificate_id | string Required. ID of the certificate to update. To get the ID of a certificate use a CertificateService.List request. The maximum string length in characters is 50. |
update_mask | google.protobuf.FieldMask Field mask that specifies which attributes of the certificate are going to be updated. |
name | string New name for the certificate. Value must match the regular expression |[a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string New description for the certificate. The maximum string length in characters is 1024. |
labels | map<string,string> New labels for the certificate as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]* . The maximum string length in characters for each key is 63. Each key must match the regular expression [a-z][-_0-9a-z]* . |
certificate | string New PEM-encoded certificate content for the certificate. Used only for imported certificates. The maximum string length in characters is 32768. |
chain | string New PEM-encoded certificate chain content for the certificate. Used only for imported certificates. The maximum string length in characters is 2097152. |
private_key | string New PEM-encoded private key content for the certificate. Used only for imported certificates. The maximum string length in characters is 524288. |
deletion_protection | bool Flag that protects deletion of the certificate |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateCertificateMetadata
Field | Description |
---|---|
certificate_id | string ID of the certificate being updated. |
Certificate
Field | Description |
---|---|
id | string ID of the certificate. Generated at creation time. |
folder_id | string ID of the folder that the certificate belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the certificate. The name is unique within the folder. |
description | string Description of the certificate. |
labels | map<string,string> Certificate labels as key:value pairs. |
type | enum CertificateType Type of the certificate.
|
domains[] | string Fully qualified domain names of the certificate. |
status | enum Status Status of the certificate.
|
issuer | string Distinguished Name |
subject | string Distinguished Name |
serial | string Serial number of the certificate. |
updated_at | google.protobuf.Timestamp Time when the certificate is updated. |
issued_at | google.protobuf.Timestamp Time when the certificate is issued. |
not_after | google.protobuf.Timestamp Time after which the certificate is not valid. |
not_before | google.protobuf.Timestamp Time before which the certificate is not valid. |
challenges[] | Challenge Domains validation challenges of the certificate. Used only for managed certificates. |
deletion_protection | bool Flag that protects deletion of the certificate |
incomplete_chain | bool Mark imported certificates without uploaded chain or with chain which not lead to root certificate |
Challenge
Field | Description |
---|---|
domain | string Domain of the challenge. |
type | enum ChallengeType Type of the challenge.
|
created_at | google.protobuf.Timestamp Time when the challenge is created. |
updated_at | google.protobuf.Timestamp Time when the challenge is updated. |
status | enum Status Status of the challenge.
|
message | string Description of the challenge. |
error | string Error of the challenge. |
challenge | oneof: dns_challenge or http_challenge Data of the challenge. |
dns_challenge | DnsRecord DNS-record. |
http_challenge | HttpFile HTTP-file. |
DnsRecord
Field | Description |
---|---|
name | string Name of the DNS record. |
type | string Type of the DNS-record. |
value | string Value of the DNS-record. |
HttpFile
Field | Description |
---|---|
url | string Location of the HTTP file. |
content | string Content of the HTTP file. |
Delete
Deletes the specified certificate.
rpc Delete (DeleteCertificateRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:DeleteCertificateMetadata
Operation.response:Certificate
DeleteCertificateRequest
Field | Description |
---|---|
certificate_id | string Required. ID of the certificate to be deleted. The maximum string length in characters is 50. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
DeleteCertificateMetadata
Field | Description |
---|---|
certificate_id | string ID of the certificate being deleted. |
Certificate
Field | Description |
---|---|
id | string ID of the certificate. Generated at creation time. |
folder_id | string ID of the folder that the certificate belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the certificate. The name is unique within the folder. |
description | string Description of the certificate. |
labels | map<string,string> Certificate labels as key:value pairs. |
type | enum CertificateType Type of the certificate.
|
domains[] | string Fully qualified domain names of the certificate. |
status | enum Status Status of the certificate.
|
issuer | string Distinguished Name |
subject | string Distinguished Name |
serial | string Serial number of the certificate. |
updated_at | google.protobuf.Timestamp Time when the certificate is updated. |
issued_at | google.protobuf.Timestamp Time when the certificate is issued. |
not_after | google.protobuf.Timestamp Time after which the certificate is not valid. |
not_before | google.protobuf.Timestamp Time before which the certificate is not valid. |
challenges[] | Challenge Domains validation challenges of the certificate. Used only for managed certificates. |
deletion_protection | bool Flag that protects deletion of the certificate |
incomplete_chain | bool Mark imported certificates without uploaded chain or with chain which not lead to root certificate |
Challenge
Field | Description |
---|---|
domain | string Domain of the challenge. |
type | enum ChallengeType Type of the challenge.
|
created_at | google.protobuf.Timestamp Time when the challenge is created. |
updated_at | google.protobuf.Timestamp Time when the challenge is updated. |
status | enum Status Status of the challenge.
|
message | string Description of the challenge. |
error | string Error of the challenge. |
challenge | oneof: dns_challenge or http_challenge Data of the challenge. |
dns_challenge | DnsRecord DNS-record. |
http_challenge | HttpFile HTTP-file. |
DnsRecord
Field | Description |
---|---|
name | string Name of the DNS record. |
type | string Type of the DNS-record. |
value | string Value of the DNS-record. |
HttpFile
Field | Description |
---|---|
url | string Location of the HTTP file. |
content | string Content of the HTTP file. |
RequestNew
Request a certificate in the specified folder.
rpc RequestNew (RequestNewCertificateRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:RequestNewCertificateMetadata
Operation.response:Certificate
RequestNewCertificateRequest
Field | Description |
---|---|
folder_id | string Required. ID of the folder to create a certificate in. The maximum string length in characters is 50. |
name | string Name of the certificate. Value must match the regular expression |[a-z]([-a-z0-9]{0,61}[a-z0-9])? . |
description | string Description of the certificate. The maximum string length in characters is 1024. |
labels | map<string,string> Labels for the certificate as key:value pairs. No more than 64 per resource. The maximum string length in characters for each value is 63. Each value must match the regular expression [-_0-9a-z]* . The maximum string length in characters for each key is 63. Each key must match the regular expression [a-z][-_0-9a-z]* . |
domains[] | string Fully qualified domain names of the certificate. |
challenge_type | enum ChallengeType Type of the domain validation challenge.
|
deletion_protection | bool Flag that protects deletion of the certificate |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
RequestNewCertificateMetadata
Field | Description |
---|---|
certificate_id | string ID of the certificate that is being requested. |
Certificate
Field | Description |
---|---|
id | string ID of the certificate. Generated at creation time. |
folder_id | string ID of the folder that the certificate belongs to. |
created_at | google.protobuf.Timestamp Creation timestamp. |
name | string Name of the certificate. The name is unique within the folder. |
description | string Description of the certificate. |
labels | map<string,string> Certificate labels as key:value pairs. |
type | enum CertificateType Type of the certificate.
|
domains[] | string Fully qualified domain names of the certificate. |
status | enum Status Status of the certificate.
|
issuer | string Distinguished Name |
subject | string Distinguished Name |
serial | string Serial number of the certificate. |
updated_at | google.protobuf.Timestamp Time when the certificate is updated. |
issued_at | google.protobuf.Timestamp Time when the certificate is issued. |
not_after | google.protobuf.Timestamp Time after which the certificate is not valid. |
not_before | google.protobuf.Timestamp Time before which the certificate is not valid. |
challenges[] | Challenge Domains validation challenges of the certificate. Used only for managed certificates. |
deletion_protection | bool Flag that protects deletion of the certificate |
incomplete_chain | bool Mark imported certificates without uploaded chain or with chain which not lead to root certificate |
Challenge
Field | Description |
---|---|
domain | string Domain of the challenge. |
type | enum ChallengeType Type of the challenge.
|
created_at | google.protobuf.Timestamp Time when the challenge is created. |
updated_at | google.protobuf.Timestamp Time when the challenge is updated. |
status | enum Status Status of the challenge.
|
message | string Description of the challenge. |
error | string Error of the challenge. |
challenge | oneof: dns_challenge or http_challenge Data of the challenge. |
dns_challenge | DnsRecord DNS-record. |
http_challenge | HttpFile HTTP-file. |
DnsRecord
Field | Description |
---|---|
name | string Name of the DNS record. |
type | string Type of the DNS-record. |
value | string Value of the DNS-record. |
HttpFile
Field | Description |
---|---|
url | string Location of the HTTP file. |
content | string Content of the HTTP file. |
ListOperations
Lists operations for the specified certificate.
rpc ListOperations (ListCertificateOperationsRequest) returns (ListCertificateOperationsResponse)
ListCertificateOperationsRequest
Field | Description |
---|---|
certificate_id | string Required. ID of the certificate to list operations for. To get the certificate ID, use a CertificateService.List request. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page that should be returned. If the number of available results is larger than page_size , the service returns a ListCertificateOperationsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
page_token | string Page token. To get the next page of results, set page_token to the ListCertificateOperationsResponse.next_page_token returned by a previous list request. The maximum string length in characters is 100. |
ListCertificateOperationsResponse
Field | Description |
---|---|
operations[] | operation.Operation List of operations for the specified certificate. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListCertificateOperationsRequest.page_size, use the next_page_token as the value for the ListCertificateOperationsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty |
ListAccessBindings
Lists existing access bindings for the specified certificate.
rpc ListAccessBindings (ListAccessBindingsRequest) returns (ListAccessBindingsResponse)
ListAccessBindingsRequest
Field | Description |
---|---|
resource_id | string Required. ID of the resource to list access bindings for. To get the resource ID, use a corresponding List request. For example, use the yandex.cloud.resourcemanager.v1.CloudService.List request to get the Cloud resource ID. The maximum string length in characters is 50. |
page_size | int64 The maximum number of results per page that should be returned. If the number of available results is larger than page_size , the service returns a ListAccessBindingsResponse.next_page_token that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
page_token | string Page token. Set page_token to the ListAccessBindingsResponse.next_page_token returned by a previous list request to get the next page of results. The maximum string length in characters is 100. |
ListAccessBindingsResponse
Field | Description |
---|---|
access_bindings[] | AccessBinding List of access bindings for the specified resource. |
next_page_token | string This token allows you to get the next page of results for list requests. If the number of results is larger than ListAccessBindingsRequest.page_size, use the next_page_token as the value for the ListAccessBindingsRequest.page_token query parameter in the next list request. Each subsequent list request will have its own next_page_token to continue paging through the results. |
AccessBinding
Field | Description |
---|---|
role_id | string Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject . The maximum string length in characters is 50. |
subject | Subject Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier. |
Subject
Field | Description |
---|---|
id | string Required. ID of the subject. It can contain one of the following values:
type is system .
type is userAccount , federatedUser or serviceAccount . The maximum string length in characters is 50. |
type | string Required. Type of the subject. It can contain one of the following values:
For more information, see Subject to which the role is assigned. The maximum string length in characters is 100. |
SetAccessBindings
Sets access bindings for the certificate.
rpc SetAccessBindings (SetAccessBindingsRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:SetAccessBindingsMetadata
Operation.response:google.protobuf.Empty
SetAccessBindingsRequest
Field | Description |
---|---|
resource_id | string Required. ID of the resource for which access bindings are being set. To get the resource ID, use a corresponding List request. The maximum string length in characters is 50. |
access_bindings[] | AccessBinding Required. Access bindings to be set. For more information, see Access Bindings. |
AccessBinding
Field | Description |
---|---|
role_id | string Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject . The maximum string length in characters is 50. |
subject | Subject Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier. |
Subject
Field | Description |
---|---|
id | string Required. ID of the subject. It can contain one of the following values:
type is system .
type is userAccount , federatedUser or serviceAccount . The maximum string length in characters is 50. |
type | string Required. Type of the subject. It can contain one of the following values:
For more information, see Subject to which the role is assigned. The maximum string length in characters is 100. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
SetAccessBindingsMetadata
Field | Description |
---|---|
resource_id | string ID of the resource for which access bindings are being set. |
UpdateAccessBindings
Updates access bindings for the specified certificate.
rpc UpdateAccessBindings (UpdateAccessBindingsRequest) returns (operation.Operation)
Metadata and response of Operation:
Operation.metadata:UpdateAccessBindingsMetadata
Operation.response:google.protobuf.Empty
UpdateAccessBindingsRequest
Field | Description |
---|---|
resource_id | string Required. ID of the resource for which access bindings are being updated. The maximum string length in characters is 50. |
access_binding_deltas[] | AccessBindingDelta Required. Updates to access bindings. The number of elements must be greater than 0. |
AccessBindingDelta
Field | Description |
---|---|
action | enum AccessBindingAction Required. The action that is being performed on an access binding.
|
access_binding | AccessBinding Required. Access binding. For more information, see Access Bindings. |
AccessBinding
Field | Description |
---|---|
role_id | string Required. ID of the yandex.cloud.iam.v1.Role that is assigned to the subject . The maximum string length in characters is 50. |
subject | Subject Required. Identity for which access binding is being created. It can represent an account with a unique ID or several accounts with a system identifier. |
Subject
Field | Description |
---|---|
id | string Required. ID of the subject. It can contain one of the following values:
type is system .
type is userAccount , federatedUser or serviceAccount . The maximum string length in characters is 50. |
type | string Required. Type of the subject. It can contain one of the following values:
For more information, see Subject to which the role is assigned. The maximum string length in characters is 100. |
Operation
Field | Description |
---|---|
id | string ID of the operation. |
description | string Description of the operation. 0-256 characters long. |
created_at | google.protobuf.Timestamp Creation timestamp. |
created_by | string ID of the user or service account who initiated the operation. |
modified_at | google.protobuf.Timestamp The time when the Operation resource was last modified. |
done | bool If the value is false , it means the operation is still in progress. If true , the operation is completed, and either error or response is available. |
metadata | google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any. |
result | oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true , exactly one of error or response is set. |
error | google.rpc.Status The error result of the operation in case of failure or cancellation. |
response | google.protobuf.Any if operation finished successfully. |
UpdateAccessBindingsMetadata
Field | Description |
---|---|
resource_id | string ID of the resource for which access bindings are being updated. |