feat(privateca): update the API

yoshi-automation · yoshi-automation · commit 3fe49ca6af38 · 2025-03-18T00:03:48.000Z
#### privateca:v1

The following keys were added:
- schemas.CertificateAuthority.properties.userDefinedAccessUrls.$ref
- schemas.CertificateAuthority.properties.userDefinedAccessUrls.description
- schemas.IssuancePolicy.properties.backdateDuration.description
- schemas.IssuancePolicy.properties.backdateDuration.format
- schemas.IssuancePolicy.properties.backdateDuration.type
- schemas.UserDefinedAccessUrls.description
- schemas.UserDefinedAccessUrls.id
- schemas.UserDefinedAccessUrls.properties.aiaIssuingCertificateUrls.description
- schemas.UserDefinedAccessUrls.properties.aiaIssuingCertificateUrls.items.type
- schemas.UserDefinedAccessUrls.properties.aiaIssuingCertificateUrls.type
- schemas.UserDefinedAccessUrls.properties.crlAccessUrls.description
- schemas.UserDefinedAccessUrls.properties.crlAccessUrls.items.type
- schemas.UserDefinedAccessUrls.properties.crlAccessUrls.type
- schemas.UserDefinedAccessUrls.type
diff --git a/discovery/privateca-v1.json b/discovery/privateca-v1.json
@@ -1605,7 +1605,7 @@
       }
     }
   },
-  "revision": "20241204",
+  "revision": "20250226",
   "rootUrl": "https://privateca.googleapis.com/",
   "schemas": {
     "AccessUrls": {
@@ -2034,6 +2034,10 @@
           "format": "google-datetime",
           "readOnly": true,
           "type": "string"
+        },
+        "userDefinedAccessUrls": {
+          "$ref": "UserDefinedAccessUrls",
+          "description": "Optional. User-defined URLs for CA certificate and CRLs. The service does not publish content to these URLs. It is up to the user to mirror content to these URLs."
         }
       },
       "type": "object"
@@ -2491,6 +2495,11 @@
           },
           "type": "array"
         },
+        "backdateDuration": {
+          "description": "Optional. The duration to backdate all certificates issued from this CaPool. If not set, the certificates will be issued with a not_before_time of the issuance time (i.e. the current time). If set, the certificates will be issued with a not_before_time of the issuance time minus the backdate_duration. The not_after_time will be adjusted to preserve the requested lifetime. The backdate_duration must be less than or equal to 48 hours.",
+          "format": "google-duration",
+          "type": "string"
+        },
         "baselineValues": {
           "$ref": "X509Parameters",
           "description": "Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail."
@@ -3469,6 +3478,27 @@
       },
       "type": "object"
     },
+    "UserDefinedAccessUrls": {
+      "description": "User-defined URLs for accessing content published by this CertificateAuthority.",
+      "id": "UserDefinedAccessUrls",
+      "properties": {
+        "aiaIssuingCertificateUrls": {
+          "description": "Optional. A list of URLs where the issuer CA certificate may be downloaded, which appears in the \"Authority Information Access\" extension in the certificate. If specified, the default Cloud Storage URLs will be omitted.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        },
+        "crlAccessUrls": {
+          "description": "Optional. A list of URLs where to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13. If specified, the default Cloud Storage URLs will be omitted.",
+          "items": {
+            "type": "string"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object"
+    },
     "X509Extension": {
       "description": "An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.",
       "id": "X509Extension",
diff --git a/src/apis/privateca/v1.ts b/src/apis/privateca/v1.ts
@@ -399,6 +399,10 @@ export namespace privateca_v1 {
      * Output only. The time at which this CertificateAuthority was last updated.
      */
     updateTime?: string | null;
+    /**
+     * Optional. User-defined URLs for CA certificate and CRLs. The service does not publish content to these URLs. It is up to the user to mirror content to these URLs.
+     */
+    userDefinedAccessUrls?: Schema$UserDefinedAccessUrls;
   }
   /**
    * A CertificateConfig describes an X.509 certificate or CSR that is to be created, as an alternative to using ASN.1.
@@ -733,6 +737,10 @@ export namespace privateca_v1 {
      * Optional. If any AllowedKeyType is specified, then the certificate request's public key must match one of the key types listed here. Otherwise, any key may be used.
      */
     allowedKeyTypes?: Schema$AllowedKeyType[];
+    /**
+     * Optional. The duration to backdate all certificates issued from this CaPool. If not set, the certificates will be issued with a not_before_time of the issuance time (i.e. the current time). If set, the certificates will be issued with a not_before_time of the issuance time minus the backdate_duration. The not_after_time will be adjusted to preserve the requested lifetime. The backdate_duration must be less than or equal to 48 hours.
+     */
+    backdateDuration?: string | null;
     /**
      * Optional. A set of X.509 values that will be applied to all certificates issued through this CaPool. If a certificate request includes conflicting values for the same properties, they will be overwritten by the values defined here. If a certificate request uses a CertificateTemplate that defines conflicting predefined_values for the same properties, the certificate issuance request will fail.
      */
@@ -1377,6 +1385,19 @@ export namespace privateca_v1 {
      */
     requestId?: string | null;
   }
+  /**
+   * User-defined URLs for accessing content published by this CertificateAuthority.
+   */
+  export interface Schema$UserDefinedAccessUrls {
+    /**
+     * Optional. A list of URLs where the issuer CA certificate may be downloaded, which appears in the "Authority Information Access" extension in the certificate. If specified, the default Cloud Storage URLs will be omitted.
+     */
+    aiaIssuingCertificateUrls?: string[] | null;
+    /**
+     * Optional. A list of URLs where to obtain CRL information, i.e. the DistributionPoint.fullName described by https://tools.ietf.org/html/rfc5280#section-4.2.1.13. If specified, the default Cloud Storage URLs will be omitted.
+     */
+    crlAccessUrls?: string[] | null;
+  }
   /**
    * An X509Extension specifies an X.509 extension, which may be used in different parts of X.509 objects like certificates, CSRs, and CRLs.
    */
