@cdktf/provider-google
Version:
Prebuilt google Provider for Terraform CDK (cdktf)
773 lines • 67.9 kB
TypeScript
/**
* Copyright (c) HashiCorp, Inc.
* SPDX-License-Identifier: MPL-2.0
*/
import { Construct } from 'constructs';
import * as cdktf from 'cdktf';
export interface PrivatecaCertificateTemplateConfig extends cdktf.TerraformMetaArguments {
/**
* Optional. A human-readable description of scenarios this template is intended for.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#description PrivatecaCertificateTemplate#description}
*/
readonly description?: string;
/**
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#id PrivatecaCertificateTemplate#id}
*
* Please be aware that the id field is automatically added to all resources in Terraform providers using a Terraform provider SDK version below 2.
* If you experience problems setting this value it might not be settable. Please take a look at the provider documentation to ensure it should be settable.
*/
readonly id?: string;
/**
* Optional. Labels with user-defined metadata.
*
* **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
* Please refer to the field 'effective_labels' for all of the labels present on the resource.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#labels PrivatecaCertificateTemplate#labels}
*/
readonly labels?: {
[key: string]: string;
};
/**
* The location for the resource
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#location PrivatecaCertificateTemplate#location}
*/
readonly location: string;
/**
* Optional. The maximum lifetime allowed for all issued certificates that use this template. If the issuing CaPool's IssuancePolicy specifies a maximum lifetime the minimum of the two durations will be the maximum lifetime for issued. Note that if the issuing CertificateAuthority expires before a Certificate's requested maximum_lifetime, the effective lifetime will be explicitly truncated to match it.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#maximum_lifetime PrivatecaCertificateTemplate#maximum_lifetime}
*/
readonly maximumLifetime?: string;
/**
* The resource name for this CertificateTemplate in the format 'projects/* /locations/* /certificateTemplates/*'.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#name PrivatecaCertificateTemplate#name}
*
* Note: The above comment contained a comment block ending sequence (* followed by /). We have introduced a space between to prevent syntax errors. Please ignore the space.
*/
readonly name: string;
/**
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#project PrivatecaCertificateTemplate#project}
*/
readonly project?: string;
/**
* identity_constraints block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#identity_constraints PrivatecaCertificateTemplate#identity_constraints}
*/
readonly identityConstraints?: PrivatecaCertificateTemplateIdentityConstraints;
/**
* passthrough_extensions block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#passthrough_extensions PrivatecaCertificateTemplate#passthrough_extensions}
*/
readonly passthroughExtensions?: PrivatecaCertificateTemplatePassthroughExtensions;
/**
* predefined_values block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#predefined_values PrivatecaCertificateTemplate#predefined_values}
*/
readonly predefinedValues?: PrivatecaCertificateTemplatePredefinedValues;
/**
* timeouts block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#timeouts PrivatecaCertificateTemplate#timeouts}
*/
readonly timeouts?: PrivatecaCertificateTemplateTimeouts;
}
export interface PrivatecaCertificateTemplateIdentityConstraintsCelExpression {
/**
* Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#description PrivatecaCertificateTemplate#description}
*/
readonly description?: string;
/**
* Textual representation of an expression in Common Expression Language syntax.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#expression PrivatecaCertificateTemplate#expression}
*/
readonly expression?: string;
/**
* Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#location PrivatecaCertificateTemplate#location}
*/
readonly location?: string;
/**
* Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#title PrivatecaCertificateTemplate#title}
*/
readonly title?: string;
}
export declare function privatecaCertificateTemplateIdentityConstraintsCelExpressionToTerraform(struct?: PrivatecaCertificateTemplateIdentityConstraintsCelExpressionOutputReference | PrivatecaCertificateTemplateIdentityConstraintsCelExpression): any;
export declare function privatecaCertificateTemplateIdentityConstraintsCelExpressionToHclTerraform(struct?: PrivatecaCertificateTemplateIdentityConstraintsCelExpressionOutputReference | PrivatecaCertificateTemplateIdentityConstraintsCelExpression): any;
export declare class PrivatecaCertificateTemplateIdentityConstraintsCelExpressionOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplateIdentityConstraintsCelExpression | undefined;
set internalValue(value: PrivatecaCertificateTemplateIdentityConstraintsCelExpression | undefined);
private _description?;
get description(): string;
set description(value: string);
resetDescription(): void;
get descriptionInput(): string | undefined;
private _expression?;
get expression(): string;
set expression(value: string);
resetExpression(): void;
get expressionInput(): string | undefined;
private _location?;
get location(): string;
set location(value: string);
resetLocation(): void;
get locationInput(): string | undefined;
private _title?;
get title(): string;
set title(value: string);
resetTitle(): void;
get titleInput(): string | undefined;
}
export interface PrivatecaCertificateTemplateIdentityConstraints {
/**
* Required. If this is true, the SubjectAltNames extension may be copied from a certificate request into the signed certificate. Otherwise, the requested SubjectAltNames will be discarded.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#allow_subject_alt_names_passthrough PrivatecaCertificateTemplate#allow_subject_alt_names_passthrough}
*/
readonly allowSubjectAltNamesPassthrough: boolean | cdktf.IResolvable;
/**
* Required. If this is true, the Subject field may be copied from a certificate request into the signed certificate. Otherwise, the requested Subject will be discarded.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#allow_subject_passthrough PrivatecaCertificateTemplate#allow_subject_passthrough}
*/
readonly allowSubjectPassthrough: boolean | cdktf.IResolvable;
/**
* cel_expression block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#cel_expression PrivatecaCertificateTemplate#cel_expression}
*/
readonly celExpression?: PrivatecaCertificateTemplateIdentityConstraintsCelExpression;
}
export declare function privatecaCertificateTemplateIdentityConstraintsToTerraform(struct?: PrivatecaCertificateTemplateIdentityConstraintsOutputReference | PrivatecaCertificateTemplateIdentityConstraints): any;
export declare function privatecaCertificateTemplateIdentityConstraintsToHclTerraform(struct?: PrivatecaCertificateTemplateIdentityConstraintsOutputReference | PrivatecaCertificateTemplateIdentityConstraints): any;
export declare class PrivatecaCertificateTemplateIdentityConstraintsOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplateIdentityConstraints | undefined;
set internalValue(value: PrivatecaCertificateTemplateIdentityConstraints | undefined);
private _allowSubjectAltNamesPassthrough?;
get allowSubjectAltNamesPassthrough(): boolean | cdktf.IResolvable;
set allowSubjectAltNamesPassthrough(value: boolean | cdktf.IResolvable);
get allowSubjectAltNamesPassthroughInput(): boolean | cdktf.IResolvable | undefined;
private _allowSubjectPassthrough?;
get allowSubjectPassthrough(): boolean | cdktf.IResolvable;
set allowSubjectPassthrough(value: boolean | cdktf.IResolvable);
get allowSubjectPassthroughInput(): boolean | cdktf.IResolvable | undefined;
private _celExpression;
get celExpression(): PrivatecaCertificateTemplateIdentityConstraintsCelExpressionOutputReference;
putCelExpression(value: PrivatecaCertificateTemplateIdentityConstraintsCelExpression): void;
resetCelExpression(): void;
get celExpressionInput(): PrivatecaCertificateTemplateIdentityConstraintsCelExpression | undefined;
}
export interface PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions {
/**
* Required. The parts of an OID path. The most significant parts of the path come first.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#object_id_path PrivatecaCertificateTemplate#object_id_path}
*/
readonly objectIdPath: number[];
}
export declare function privatecaCertificateTemplatePassthroughExtensionsAdditionalExtensionsToTerraform(struct?: PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions | cdktf.IResolvable): any;
export declare function privatecaCertificateTemplatePassthroughExtensionsAdditionalExtensionsToHclTerraform(struct?: PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions | cdktf.IResolvable): any;
export declare class PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensionsOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions | cdktf.IResolvable | undefined;
set internalValue(value: PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions | cdktf.IResolvable | undefined);
private _objectIdPath?;
get objectIdPath(): number[];
set objectIdPath(value: number[]);
get objectIdPathInput(): number[] | undefined;
}
export declare class PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensionsList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensionsOutputReference;
}
export interface PrivatecaCertificateTemplatePassthroughExtensions {
/**
* Optional. A set of named X.509 extensions. Will be combined with additional_extensions to determine the full set of X.509 extensions.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#known_extensions PrivatecaCertificateTemplate#known_extensions}
*/
readonly knownExtensions?: string[];
/**
* additional_extensions block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#additional_extensions PrivatecaCertificateTemplate#additional_extensions}
*/
readonly additionalExtensions?: PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions[] | cdktf.IResolvable;
}
export declare function privatecaCertificateTemplatePassthroughExtensionsToTerraform(struct?: PrivatecaCertificateTemplatePassthroughExtensionsOutputReference | PrivatecaCertificateTemplatePassthroughExtensions): any;
export declare function privatecaCertificateTemplatePassthroughExtensionsToHclTerraform(struct?: PrivatecaCertificateTemplatePassthroughExtensionsOutputReference | PrivatecaCertificateTemplatePassthroughExtensions): any;
export declare class PrivatecaCertificateTemplatePassthroughExtensionsOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplatePassthroughExtensions | undefined;
set internalValue(value: PrivatecaCertificateTemplatePassthroughExtensions | undefined);
private _knownExtensions?;
get knownExtensions(): string[];
set knownExtensions(value: string[]);
resetKnownExtensions(): void;
get knownExtensionsInput(): string[] | undefined;
private _additionalExtensions;
get additionalExtensions(): PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensionsList;
putAdditionalExtensions(value: PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions[] | cdktf.IResolvable): void;
resetAdditionalExtensions(): void;
get additionalExtensionsInput(): cdktf.IResolvable | PrivatecaCertificateTemplatePassthroughExtensionsAdditionalExtensions[] | undefined;
}
export interface PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId {
/**
* Required. The parts of an OID path. The most significant parts of the path come first.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#object_id_path PrivatecaCertificateTemplate#object_id_path}
*/
readonly objectIdPath: number[];
}
export declare function privatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectIdToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectIdOutputReference | PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId): any;
export declare function privatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectIdToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectIdOutputReference | PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectIdOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId | undefined);
private _objectIdPath?;
get objectIdPath(): number[];
set objectIdPath(value: number[]);
get objectIdPathInput(): number[] | undefined;
}
export interface PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensions {
/**
* Optional. Indicates whether or not this extension is critical (i.e., if the client does not know how to handle this extension, the client should consider this to be an error).
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#critical PrivatecaCertificateTemplate#critical}
*/
readonly critical?: boolean | cdktf.IResolvable;
/**
* Required. The value of this X.509 extension.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#value PrivatecaCertificateTemplate#value}
*/
readonly value: string;
/**
* object_id block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#object_id PrivatecaCertificateTemplate#object_id}
*/
readonly objectId: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId;
}
export declare function privatecaCertificateTemplatePredefinedValuesAdditionalExtensionsToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensions | cdktf.IResolvable): any;
export declare function privatecaCertificateTemplatePredefinedValuesAdditionalExtensionsToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensions | cdktf.IResolvable): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensions | cdktf.IResolvable | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensions | cdktf.IResolvable | undefined);
private _critical?;
get critical(): boolean | cdktf.IResolvable;
set critical(value: boolean | cdktf.IResolvable);
resetCritical(): void;
get criticalInput(): boolean | cdktf.IResolvable | undefined;
private _value?;
get value(): string;
set value(value: string);
get valueInput(): string | undefined;
private _objectId;
get objectId(): PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectIdOutputReference;
putObjectId(value: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId): void;
get objectIdInput(): PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsObjectId | undefined;
}
export declare class PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensions[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): PrivatecaCertificateTemplatePredefinedValuesAdditionalExtensionsOutputReference;
}
export interface PrivatecaCertificateTemplatePredefinedValuesCaOptions {
/**
* Optional. Refers to the "CA" X.509 extension, which is a boolean value. When this value is true, the "CA" in Basic Constraints extension will be set to true.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#is_ca PrivatecaCertificateTemplate#is_ca}
*/
readonly isCa?: boolean | cdktf.IResolvable;
/**
* Optional. Refers to the "path length constraint" in Basic Constraints extension. For a CA certificate, this value describes the depth of
* subordinate CA certificates that are allowed. If this value is less than 0, the request will fail.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#max_issuer_path_length PrivatecaCertificateTemplate#max_issuer_path_length}
*/
readonly maxIssuerPathLength?: number;
/**
* Optional. When true, the "CA" in Basic Constraints extension will be set to null and omitted from the CA certificate.
* If both 'is_ca' and 'null_ca' are unset, the "CA" in Basic Constraints extension will be set to false.
* Note that the behavior when 'is_ca = false' for this resource is different from the behavior in the Certificate Authority, Certificate and CaPool resources.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#null_ca PrivatecaCertificateTemplate#null_ca}
*/
readonly nullCa?: boolean | cdktf.IResolvable;
/**
* Optional. When true, the "path length constraint" in Basic Constraints extension will be set to 0.
* if both 'max_issuer_path_length' and 'zero_max_issuer_path_length' are unset,
* the max path length will be omitted from the CA certificate.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#zero_max_issuer_path_length PrivatecaCertificateTemplate#zero_max_issuer_path_length}
*/
readonly zeroMaxIssuerPathLength?: boolean | cdktf.IResolvable;
}
export declare function privatecaCertificateTemplatePredefinedValuesCaOptionsToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesCaOptionsOutputReference | PrivatecaCertificateTemplatePredefinedValuesCaOptions): any;
export declare function privatecaCertificateTemplatePredefinedValuesCaOptionsToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesCaOptionsOutputReference | PrivatecaCertificateTemplatePredefinedValuesCaOptions): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesCaOptionsOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesCaOptions | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesCaOptions | undefined);
private _isCa?;
get isCa(): boolean | cdktf.IResolvable;
set isCa(value: boolean | cdktf.IResolvable);
resetIsCa(): void;
get isCaInput(): boolean | cdktf.IResolvable | undefined;
private _maxIssuerPathLength?;
get maxIssuerPathLength(): number;
set maxIssuerPathLength(value: number);
resetMaxIssuerPathLength(): void;
get maxIssuerPathLengthInput(): number | undefined;
private _nullCa?;
get nullCa(): boolean | cdktf.IResolvable;
set nullCa(value: boolean | cdktf.IResolvable);
resetNullCa(): void;
get nullCaInput(): boolean | cdktf.IResolvable | undefined;
private _zeroMaxIssuerPathLength?;
get zeroMaxIssuerPathLength(): boolean | cdktf.IResolvable;
set zeroMaxIssuerPathLength(value: boolean | cdktf.IResolvable);
resetZeroMaxIssuerPathLength(): void;
get zeroMaxIssuerPathLengthInput(): boolean | cdktf.IResolvable | undefined;
}
export interface PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage {
/**
* The key may be used to sign certificates.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#cert_sign PrivatecaCertificateTemplate#cert_sign}
*/
readonly certSign?: boolean | cdktf.IResolvable;
/**
* The key may be used for cryptographic commitments. Note that this may also be referred to as "non-repudiation".
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#content_commitment PrivatecaCertificateTemplate#content_commitment}
*/
readonly contentCommitment?: boolean | cdktf.IResolvable;
/**
* The key may be used sign certificate revocation lists.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#crl_sign PrivatecaCertificateTemplate#crl_sign}
*/
readonly crlSign?: boolean | cdktf.IResolvable;
/**
* The key may be used to encipher data.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#data_encipherment PrivatecaCertificateTemplate#data_encipherment}
*/
readonly dataEncipherment?: boolean | cdktf.IResolvable;
/**
* The key may be used to decipher only.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#decipher_only PrivatecaCertificateTemplate#decipher_only}
*/
readonly decipherOnly?: boolean | cdktf.IResolvable;
/**
* The key may be used for digital signatures.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#digital_signature PrivatecaCertificateTemplate#digital_signature}
*/
readonly digitalSignature?: boolean | cdktf.IResolvable;
/**
* The key may be used to encipher only.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#encipher_only PrivatecaCertificateTemplate#encipher_only}
*/
readonly encipherOnly?: boolean | cdktf.IResolvable;
/**
* The key may be used in a key agreement protocol.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#key_agreement PrivatecaCertificateTemplate#key_agreement}
*/
readonly keyAgreement?: boolean | cdktf.IResolvable;
/**
* The key may be used to encipher other keys.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#key_encipherment PrivatecaCertificateTemplate#key_encipherment}
*/
readonly keyEncipherment?: boolean | cdktf.IResolvable;
}
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageOutputReference | PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage): any;
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageOutputReference | PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage | undefined);
private _certSign?;
get certSign(): boolean | cdktf.IResolvable;
set certSign(value: boolean | cdktf.IResolvable);
resetCertSign(): void;
get certSignInput(): boolean | cdktf.IResolvable | undefined;
private _contentCommitment?;
get contentCommitment(): boolean | cdktf.IResolvable;
set contentCommitment(value: boolean | cdktf.IResolvable);
resetContentCommitment(): void;
get contentCommitmentInput(): boolean | cdktf.IResolvable | undefined;
private _crlSign?;
get crlSign(): boolean | cdktf.IResolvable;
set crlSign(value: boolean | cdktf.IResolvable);
resetCrlSign(): void;
get crlSignInput(): boolean | cdktf.IResolvable | undefined;
private _dataEncipherment?;
get dataEncipherment(): boolean | cdktf.IResolvable;
set dataEncipherment(value: boolean | cdktf.IResolvable);
resetDataEncipherment(): void;
get dataEnciphermentInput(): boolean | cdktf.IResolvable | undefined;
private _decipherOnly?;
get decipherOnly(): boolean | cdktf.IResolvable;
set decipherOnly(value: boolean | cdktf.IResolvable);
resetDecipherOnly(): void;
get decipherOnlyInput(): boolean | cdktf.IResolvable | undefined;
private _digitalSignature?;
get digitalSignature(): boolean | cdktf.IResolvable;
set digitalSignature(value: boolean | cdktf.IResolvable);
resetDigitalSignature(): void;
get digitalSignatureInput(): boolean | cdktf.IResolvable | undefined;
private _encipherOnly?;
get encipherOnly(): boolean | cdktf.IResolvable;
set encipherOnly(value: boolean | cdktf.IResolvable);
resetEncipherOnly(): void;
get encipherOnlyInput(): boolean | cdktf.IResolvable | undefined;
private _keyAgreement?;
get keyAgreement(): boolean | cdktf.IResolvable;
set keyAgreement(value: boolean | cdktf.IResolvable);
resetKeyAgreement(): void;
get keyAgreementInput(): boolean | cdktf.IResolvable | undefined;
private _keyEncipherment?;
get keyEncipherment(): boolean | cdktf.IResolvable;
set keyEncipherment(value: boolean | cdktf.IResolvable);
resetKeyEncipherment(): void;
get keyEnciphermentInput(): boolean | cdktf.IResolvable | undefined;
}
export interface PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage {
/**
* Corresponds to OID 1.3.6.1.5.5.7.3.2. Officially described as "TLS WWW client authentication", though regularly used for non-WWW TLS.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#client_auth PrivatecaCertificateTemplate#client_auth}
*/
readonly clientAuth?: boolean | cdktf.IResolvable;
/**
* Corresponds to OID 1.3.6.1.5.5.7.3.3. Officially described as "Signing of downloadable executable code client authentication".
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#code_signing PrivatecaCertificateTemplate#code_signing}
*/
readonly codeSigning?: boolean | cdktf.IResolvable;
/**
* Corresponds to OID 1.3.6.1.5.5.7.3.4. Officially described as "Email protection".
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#email_protection PrivatecaCertificateTemplate#email_protection}
*/
readonly emailProtection?: boolean | cdktf.IResolvable;
/**
* Corresponds to OID 1.3.6.1.5.5.7.3.9. Officially described as "Signing OCSP responses".
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#ocsp_signing PrivatecaCertificateTemplate#ocsp_signing}
*/
readonly ocspSigning?: boolean | cdktf.IResolvable;
/**
* Corresponds to OID 1.3.6.1.5.5.7.3.1. Officially described as "TLS WWW server authentication", though regularly used for non-WWW TLS.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#server_auth PrivatecaCertificateTemplate#server_auth}
*/
readonly serverAuth?: boolean | cdktf.IResolvable;
/**
* Corresponds to OID 1.3.6.1.5.5.7.3.8. Officially described as "Binding the hash of an object to a time".
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#time_stamping PrivatecaCertificateTemplate#time_stamping}
*/
readonly timeStamping?: boolean | cdktf.IResolvable;
}
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageOutputReference | PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage): any;
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageOutputReference | PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage | undefined);
private _clientAuth?;
get clientAuth(): boolean | cdktf.IResolvable;
set clientAuth(value: boolean | cdktf.IResolvable);
resetClientAuth(): void;
get clientAuthInput(): boolean | cdktf.IResolvable | undefined;
private _codeSigning?;
get codeSigning(): boolean | cdktf.IResolvable;
set codeSigning(value: boolean | cdktf.IResolvable);
resetCodeSigning(): void;
get codeSigningInput(): boolean | cdktf.IResolvable | undefined;
private _emailProtection?;
get emailProtection(): boolean | cdktf.IResolvable;
set emailProtection(value: boolean | cdktf.IResolvable);
resetEmailProtection(): void;
get emailProtectionInput(): boolean | cdktf.IResolvable | undefined;
private _ocspSigning?;
get ocspSigning(): boolean | cdktf.IResolvable;
set ocspSigning(value: boolean | cdktf.IResolvable);
resetOcspSigning(): void;
get ocspSigningInput(): boolean | cdktf.IResolvable | undefined;
private _serverAuth?;
get serverAuth(): boolean | cdktf.IResolvable;
set serverAuth(value: boolean | cdktf.IResolvable);
resetServerAuth(): void;
get serverAuthInput(): boolean | cdktf.IResolvable | undefined;
private _timeStamping?;
get timeStamping(): boolean | cdktf.IResolvable;
set timeStamping(value: boolean | cdktf.IResolvable);
resetTimeStamping(): void;
get timeStampingInput(): boolean | cdktf.IResolvable | undefined;
}
export interface PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages {
/**
* Required. The parts of an OID path. The most significant parts of the path come first.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#object_id_path PrivatecaCertificateTemplate#object_id_path}
*/
readonly objectIdPath: number[];
}
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsagesToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages | cdktf.IResolvable): any;
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsagesToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages | cdktf.IResolvable): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsagesOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
private resolvableValue?;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param complexObjectIndex the index of this item in the list
* @param complexObjectIsFromSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, complexObjectIndex: number, complexObjectIsFromSet: boolean);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages | cdktf.IResolvable | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages | cdktf.IResolvable | undefined);
private _objectIdPath?;
get objectIdPath(): number[];
set objectIdPath(value: number[]);
get objectIdPathInput(): number[] | undefined;
}
export declare class PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsagesList extends cdktf.ComplexList {
protected terraformResource: cdktf.IInterpolatingParent;
protected terraformAttribute: string;
protected wrapsSet: boolean;
internalValue?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages[] | cdktf.IResolvable;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
* @param wrapsSet whether the list is wrapping a set (will add tolist() to be able to access an item via an index)
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string, wrapsSet: boolean);
/**
* @param index the index of the item to return
*/
get(index: number): PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsagesOutputReference;
}
export interface PrivatecaCertificateTemplatePredefinedValuesKeyUsage {
/**
* base_key_usage block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#base_key_usage PrivatecaCertificateTemplate#base_key_usage}
*/
readonly baseKeyUsage?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage;
/**
* extended_key_usage block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#extended_key_usage PrivatecaCertificateTemplate#extended_key_usage}
*/
readonly extendedKeyUsage?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage;
/**
* unknown_extended_key_usages block
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#unknown_extended_key_usages PrivatecaCertificateTemplate#unknown_extended_key_usages}
*/
readonly unknownExtendedKeyUsages?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages[] | cdktf.IResolvable;
}
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageToTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageOutputReference | PrivatecaCertificateTemplatePredefinedValuesKeyUsage): any;
export declare function privatecaCertificateTemplatePredefinedValuesKeyUsageToHclTerraform(struct?: PrivatecaCertificateTemplatePredefinedValuesKeyUsageOutputReference | PrivatecaCertificateTemplatePredefinedValuesKeyUsage): any;
export declare class PrivatecaCertificateTemplatePredefinedValuesKeyUsageOutputReference extends cdktf.ComplexObject {
private isEmptyObject;
/**
* @param terraformResource The parent resource
* @param terraformAttribute The attribute on the parent resource this class is referencing
*/
constructor(terraformResource: cdktf.IInterpolatingParent, terraformAttribute: string);
get internalValue(): PrivatecaCertificateTemplatePredefinedValuesKeyUsage | undefined;
set internalValue(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsage | undefined);
private _baseKeyUsage;
get baseKeyUsage(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsageOutputReference;
putBaseKeyUsage(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage): void;
resetBaseKeyUsage(): void;
get baseKeyUsageInput(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageBaseKeyUsage | undefined;
private _extendedKeyUsage;
get extendedKeyUsage(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsageOutputReference;
putExtendedKeyUsage(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage): void;
resetExtendedKeyUsage(): void;
get extendedKeyUsageInput(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageExtendedKeyUsage | undefined;
private _unknownExtendedKeyUsages;
get unknownExtendedKeyUsages(): PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsagesList;
putUnknownExtendedKeyUsages(value: PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages[] | cdktf.IResolvable): void;
resetUnknownExtendedKeyUsages(): void;
get unknownExtendedKeyUsagesInput(): cdktf.IResolvable | PrivatecaCertificateTemplatePredefinedValuesKeyUsageUnknownExtendedKeyUsages[] | undefined;
}
export interface PrivatecaCertificateTemplatePredefinedValuesNameConstraints {
/**
* Indicates whether or not the name constraints are marked critical.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#critical PrivatecaCertificateTemplate#critical}
*/
readonly critical: boolean | cdktf.IResolvable;
/**
* Contains excluded DNS names. Any DNS name that can be
* constructed by simply adding zero or more labels to
* the left-hand side of the name satisfies the name constraint.
* For example, 'example.com', 'www.example.com', 'www.sub.example.com'
* would satisfy 'example.com' while 'example1.com' does not.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#excluded_dns_names PrivatecaCertificateTemplate#excluded_dns_names}
*/
readonly excludedDnsNames?: string[];
/**
* Contains the excluded email addresses. The value can be a particular
* email address, a hostname to indicate all email addresses on that host or
* a domain with a leading period (e.g. '.example.com') to indicate
* all email addresses in that domain.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#excluded_email_addresses PrivatecaCertificateTemplate#excluded_email_addresses}
*/
readonly excludedEmailAddresses?: string[];
/**
* Contains the excluded IP ranges. For IPv4 addresses, the ranges
* are expressed using CIDR notation as specified in RFC 4632.
* For IPv6 addresses, the ranges are expressed in similar encoding as IPv4
* addresses.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#excluded_ip_ranges PrivatecaCertificateTemplate#excluded_ip_ranges}
*/
readonly excludedIpRanges?: string[];
/**
* Contains the excluded URIs that apply to the host part of the name.
* The value can be a hostname or a domain with a
* leading period (like '.example.com')
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#excluded_uris PrivatecaCertificateTemplate#excluded_uris}
*/
readonly excludedUris?: string[];
/**
* Contains permitted DNS names. Any DNS name that can be
* constructed by simply adding zero or more labels to
* the left-hand side of the name satisfies the name constraint.
* For example, 'example.com', 'www.example.com', 'www.sub.example.com'
* would satisfy 'example.com' while 'example1.com' does not.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#permitted_dns_names PrivatecaCertificateTemplate#permitted_dns_names}
*/
readonly permittedDnsNames?: string[];
/**
* Contains the permitted email addresses. The value can be a particular
* email address, a hostname to indicate all email addresses on that host or
* a domain with a leading period (e.g. '.example.com') to indicate
* all email addresses in that domain.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#permitted_email_addresses PrivatecaCertificateTemplate#permitted_email_addresses}
*/
readonly permittedEmailAddresses?: string[];
/**
* Contains the permitted IP ranges. For IPv4 addresses, the ranges
* are expressed using CIDR notation as specified in RFC 4632.
* For IPv6 addresses, the ranges are expressed in similar encoding as IPv4
* addresses.
*
* Docs at Terraform Registry: {@link https://registry.terraform.io/providers/hashicorp/google/6.41.0/docs/resources/privateca_certificate_template#permitted_ip_ranges PrivatecaCertificateTemplate#permitted_ip_ranges}
*/
readonly permittedIpRanges?: string[];
/**
* Contains the permitted URIs that apply to the host part of the name.
* The value can be a hostname or a domain with a
* leading period (like '.example.com')
*
* Docs at Terraform Registry: {@