Cloud SQL Admin API . sslCerts

Instance Methods

createEphemeral(project, instance, body=None, x__xgafv=None)

Generates a short-lived X509 certificate containing the provided public key

delete(project, instance, sha1Fingerprint, x__xgafv=None)

Deletes the SSL certificate. For First Generation instances, the

get(project, instance, sha1Fingerprint, x__xgafv=None)

Retrieves a particular SSL certificate. Does not include the private key

insert(project, instance, body=None, x__xgafv=None)

Creates an SSL certificate and returns it along with the private key and

list(project, instance, x__xgafv=None)

Lists all of the current SSL certificates for the instance.

Method Details

createEphemeral(project, instance, body=None, x__xgafv=None)
Generates a short-lived X509 certificate containing the provided public key
and signed by a private key specific to the target instance. Users may use
the certificate to authenticate as themselves when connecting to the
database.

Args:
  project: string, Project ID of the Cloud SQL project. (required)
  instance: string, Cloud SQL instance ID. This does not include the project ID. (required)
  body: object, The request body.
    The object takes the form of:

{ # SslCerts create ephemeral certificate request.
    "public_key": "A String", # PEM encoded public key to include in the signed certificate.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # SslCerts Resource
    "certSerialNumber": "A String", # Serial number, as extracted from the certificate.
    "kind": "A String", # This is always <code>sql#sslCert</code>.
    "sha1Fingerprint": "A String", # Sha1 Fingerprint.
    "commonName": "A String", # User supplied name.  Constrained to [a-zA-Z.-_ ]+.
    "instance": "A String", # Name of the database instance.
    "cert": "A String", # PEM representation.
    "expirationTime": "A String", # The time when the certificate expires in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>.
    "createTime": "A String", # The time when the certificate was created in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>
    "selfLink": "A String", # The URI of this resource.
  }
delete(project, instance, sha1Fingerprint, x__xgafv=None)
Deletes the SSL certificate. For First Generation instances, the
certificate remains valid until the instance is restarted.

Args:
  project: string, Project ID of the project that contains the instance. (required)
  instance: string, Cloud SQL instance ID. This does not include the project ID. (required)
  sha1Fingerprint: string, Sha1 FingerPrint. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # An Operation resource.&nbsp;For successful operations that return an
      # Operation resource, only the fields relevant to the operation are populated
      # in the resource.
    "status": "A String", # The status of an operation. Valid values are <code>PENDING</code>,
        # <code>RUNNING</code>, <code>DONE</code>,
        # <code>SQL_OPERATION_STATUS_UNSPECIFIED</code>.
    "importContext": { # Database instance import context. # The context for import operation, if applicable.
      "bakImportOptions": { # Import parameters specific to SQL Server .BAK files
        "encryptionOptions": {
          "pvkPath": "A String", # Path to the Certificate Private Key (.pvk)  in Cloud Storage, in the
              # form <code>gs://bucketName/fileName</code>. The instance must have
              # write permissions to the bucket and read access to the file.
          "certPath": "A String", # Path to the Certificate (.cer) in Cloud Storage, in the form
              # <code>gs://bucketName/fileName</code>. The instance must have
              # write permissions to the bucket and read access to the file.
          "pvkPassword": "A String", # Password that encrypts the private key
        },
      },
      "kind": "A String", # This is always <code>sql#importContext</code>.
      "database": "A String", # The target database for the import. If <code>fileType</code> is
          # <code>SQL</code>, this field is required only if the import file does not
          # specify a database, and is overridden by any database specification in the
          # import file. If <code>fileType</code> is <code>CSV</code>, one database
          # must be specified.
      "fileType": "A String", # The file type for the specified uri. <br><code>SQL</code>: The file
          # contains SQL statements. <br><code>CSV</code>: The file contains CSV data.
      "uri": "A String", # Path to the import file in Cloud Storage, in the form
          # <code>gs:
          # //bucketName/fileName</code>. Compressed gzip files (.gz) are supported
          # // when <code>fileType</code> is <code>SQL</code>. The instance must have
          # // write permissions to the bucket and read access to the file.
      "importUser": "A String", # The PostgreSQL user for this import operation. PostgreSQL instances only.
      "csvImportOptions": { # Options for importing data as CSV.
        "table": "A String", # The table to which CSV data is imported.
        "columns": [ # The columns to which CSV data is imported. If not specified, all columns
            # of the database table are loaded with CSV data.
          "A String",
        ],
      },
    },
    "kind": "A String", # This is always <code>sql#operation</code>.
    "targetProject": "A String", # The project ID of the target instance related to this operation.
    "name": "A String", # An identifier that uniquely identifies the operation. You can use this
        # identifier to retrieve the Operations resource that has information about
        # the operation.
    "exportContext": { # Database instance export context. # The context for export operation, if applicable.
      "kind": "A String", # This is always <code>sql#exportContext</code>.
      "fileType": "A String", # The file type for the specified uri. <br><code>SQL</code>: The file
          # contains SQL statements. <br><code>CSV</code>: The file contains CSV data.
      "uri": "A String", # The path to the file in Google Cloud Storage where the export will be
          # stored. The URI is in the form <code>gs:
          # //bucketName/fileName</code>. If the file already exists, the requests
          # // succeeds, but the operation fails. If <code>fileType</code> is
          # // <code>SQL</code> and the filename ends with .gz, the contents are
          # // compressed.
      "csvExportOptions": { # Options for exporting data as CSV.
        "selectQuery": "A String", # The select query used to extract the data.
      },
      "databases": [ # Databases to be exported. <br /> <b>MySQL instances:</b> If
          # <code>fileType</code> is <code>SQL</code> and no database is specified, all
          # databases are exported, except for the <code>mysql</code> system database.
          # If <code>fileType</code> is <code>CSV</code>, you can specify one database,
          # either by using this property or by using the
          # <code>csvExportOptions.selectQuery</code> property, which takes precedence
          # over this property. <br /> <b>PostgreSQL instances:</b> You must specify
          # one database to be exported. If <code>fileType</code> is <code>CSV</code>,
          # this database must match the one specified in the
          # <code>csvExportOptions.selectQuery</code> property.
        "A String",
      ],
      "sqlExportOptions": { # Options for exporting data as SQL statements.
        "tables": [ # Tables to export, or that were exported, from the specified database. If
            # you specify tables, specify one and only one database. For PostgreSQL
            # instances, you can specify only one table.
          "A String",
        ],
        "mysqlExportOptions": { # Options for exporting from MySQL.
          "masterData": 42, # Option to include SQL statement required to set up replication.
              # If set to <code>1</code>, the dump file includes
              #  a CHANGE MASTER TO statement with the binary log coordinates.
              # If set to <code>2</code>, the CHANGE MASTER TO statement is written as
              #  a SQL comment, and has no effect.
              # All other values are ignored.
        },
        "schemaOnly": True or False, # Export only schemas.
      },
    },
    "insertTime": "A String", # The time this operation was enqueued in UTC timezone in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>.
    "targetId": "A String", # Name of the database instance related to this operation.
    "operationType": "A String", # The type of the operation. Valid values are <code>CREATE</code>,
        # <code>DELETE</code>, <code>UPDATE</code>, <code>RESTART</code>,
        # <code>IMPORT</code>, <code>EXPORT</code>, <code>BACKUP_VOLUME</code>,
        # <code>RESTORE_VOLUME</code>, <code>CREATE_USER</code>,
        # <code>DELETE_USER</code>, <code>CREATE_DATABASE</code>,
        # <code>DELETE_DATABASE</code> .
    "user": "A String", # The email address of the user who initiated this operation.
    "startTime": "A String", # The time this operation actually started in UTC timezone in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>.
    "error": { # Database instance operation errors list wrapper. # If errors occurred during processing of this operation, this field will be
        # populated.
      "kind": "A String", # This is always <code>sql#operationErrors</code>.
      "errors": [ # The list of errors encountered while processing this operation.
        { # Database instance operation error.
          "kind": "A String", # This is always <code>sql#operationError</code>.
          "code": "A String", # Identifies the specific error that occurred.
          "message": "A String", # Additional information about the error encountered.
        },
      ],
    },
    "endTime": "A String", # The time this operation finished in UTC timezone in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>.
    "selfLink": "A String", # The URI of this resource.
    "targetLink": "A String",
  }
get(project, instance, sha1Fingerprint, x__xgafv=None)
Retrieves a particular SSL certificate.  Does not include the private key
(required for usage).  The private key must be saved from the response to
initial creation.

Args:
  project: string, Project ID of the project that contains the instance. (required)
  instance: string, Cloud SQL instance ID. This does not include the project ID. (required)
  sha1Fingerprint: string, Sha1 FingerPrint. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # SslCerts Resource
    "certSerialNumber": "A String", # Serial number, as extracted from the certificate.
    "kind": "A String", # This is always <code>sql#sslCert</code>.
    "sha1Fingerprint": "A String", # Sha1 Fingerprint.
    "commonName": "A String", # User supplied name.  Constrained to [a-zA-Z.-_ ]+.
    "instance": "A String", # Name of the database instance.
    "cert": "A String", # PEM representation.
    "expirationTime": "A String", # The time when the certificate expires in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>.
    "createTime": "A String", # The time when the certificate was created in <a
        # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
        # <code>2012-11-15T16:19:00.094Z</code>
    "selfLink": "A String", # The URI of this resource.
  }
insert(project, instance, body=None, x__xgafv=None)
Creates an SSL certificate and returns it along with the private key and
server certificate authority.  The new certificate will not be usable until
the instance is restarted.

Args:
  project: string, Project ID of the project that contains the instance. (required)
  instance: string, Cloud SQL instance ID. This does not include the project ID. (required)
  body: object, The request body.
    The object takes the form of:

{ # SslCerts insert request.
    "commonName": "A String", # User supplied name.  Must be a distinct name from the other certificates
        # for this instance.
  }

  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # SslCert insert response.
    "clientCert": { # SslCertDetail. # The new client certificate and private key.  For First Generation
        # instances, the new certificate does not take effect until the instance is
        # restarted.
      "certPrivateKey": "A String", # The private key for the client cert, in pem format.  Keep private in order
          # to protect your security.
      "certInfo": { # SslCerts Resource # The public information about the cert.
        "certSerialNumber": "A String", # Serial number, as extracted from the certificate.
        "kind": "A String", # This is always <code>sql#sslCert</code>.
        "sha1Fingerprint": "A String", # Sha1 Fingerprint.
        "commonName": "A String", # User supplied name.  Constrained to [a-zA-Z.-_ ]+.
        "instance": "A String", # Name of the database instance.
        "cert": "A String", # PEM representation.
        "expirationTime": "A String", # The time when the certificate expires in <a
            # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
            # <code>2012-11-15T16:19:00.094Z</code>.
        "createTime": "A String", # The time when the certificate was created in <a
            # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
            # <code>2012-11-15T16:19:00.094Z</code>
        "selfLink": "A String", # The URI of this resource.
      },
    },
    "operation": { # An Operation resource.&nbsp;For successful operations that return an # The operation to track the ssl certs insert request.
        # Operation resource, only the fields relevant to the operation are populated
        # in the resource.
      "status": "A String", # The status of an operation. Valid values are <code>PENDING</code>,
          # <code>RUNNING</code>, <code>DONE</code>,
          # <code>SQL_OPERATION_STATUS_UNSPECIFIED</code>.
      "importContext": { # Database instance import context. # The context for import operation, if applicable.
        "bakImportOptions": { # Import parameters specific to SQL Server .BAK files
          "encryptionOptions": {
            "pvkPath": "A String", # Path to the Certificate Private Key (.pvk)  in Cloud Storage, in the
                # form <code>gs://bucketName/fileName</code>. The instance must have
                # write permissions to the bucket and read access to the file.
            "certPath": "A String", # Path to the Certificate (.cer) in Cloud Storage, in the form
                # <code>gs://bucketName/fileName</code>. The instance must have
                # write permissions to the bucket and read access to the file.
            "pvkPassword": "A String", # Password that encrypts the private key
          },
        },
        "kind": "A String", # This is always <code>sql#importContext</code>.
        "database": "A String", # The target database for the import. If <code>fileType</code> is
            # <code>SQL</code>, this field is required only if the import file does not
            # specify a database, and is overridden by any database specification in the
            # import file. If <code>fileType</code> is <code>CSV</code>, one database
            # must be specified.
        "fileType": "A String", # The file type for the specified uri. <br><code>SQL</code>: The file
            # contains SQL statements. <br><code>CSV</code>: The file contains CSV data.
        "uri": "A String", # Path to the import file in Cloud Storage, in the form
            # <code>gs:
            # //bucketName/fileName</code>. Compressed gzip files (.gz) are supported
            # // when <code>fileType</code> is <code>SQL</code>. The instance must have
            # // write permissions to the bucket and read access to the file.
        "importUser": "A String", # The PostgreSQL user for this import operation. PostgreSQL instances only.
        "csvImportOptions": { # Options for importing data as CSV.
          "table": "A String", # The table to which CSV data is imported.
          "columns": [ # The columns to which CSV data is imported. If not specified, all columns
              # of the database table are loaded with CSV data.
            "A String",
          ],
        },
      },
      "kind": "A String", # This is always <code>sql#operation</code>.
      "targetProject": "A String", # The project ID of the target instance related to this operation.
      "name": "A String", # An identifier that uniquely identifies the operation. You can use this
          # identifier to retrieve the Operations resource that has information about
          # the operation.
      "exportContext": { # Database instance export context. # The context for export operation, if applicable.
        "kind": "A String", # This is always <code>sql#exportContext</code>.
        "fileType": "A String", # The file type for the specified uri. <br><code>SQL</code>: The file
            # contains SQL statements. <br><code>CSV</code>: The file contains CSV data.
        "uri": "A String", # The path to the file in Google Cloud Storage where the export will be
            # stored. The URI is in the form <code>gs:
            # //bucketName/fileName</code>. If the file already exists, the requests
            # // succeeds, but the operation fails. If <code>fileType</code> is
            # // <code>SQL</code> and the filename ends with .gz, the contents are
            # // compressed.
        "csvExportOptions": { # Options for exporting data as CSV.
          "selectQuery": "A String", # The select query used to extract the data.
        },
        "databases": [ # Databases to be exported. <br /> <b>MySQL instances:</b> If
            # <code>fileType</code> is <code>SQL</code> and no database is specified, all
            # databases are exported, except for the <code>mysql</code> system database.
            # If <code>fileType</code> is <code>CSV</code>, you can specify one database,
            # either by using this property or by using the
            # <code>csvExportOptions.selectQuery</code> property, which takes precedence
            # over this property. <br /> <b>PostgreSQL instances:</b> You must specify
            # one database to be exported. If <code>fileType</code> is <code>CSV</code>,
            # this database must match the one specified in the
            # <code>csvExportOptions.selectQuery</code> property.
          "A String",
        ],
        "sqlExportOptions": { # Options for exporting data as SQL statements.
          "tables": [ # Tables to export, or that were exported, from the specified database. If
              # you specify tables, specify one and only one database. For PostgreSQL
              # instances, you can specify only one table.
            "A String",
          ],
          "mysqlExportOptions": { # Options for exporting from MySQL.
            "masterData": 42, # Option to include SQL statement required to set up replication.
                # If set to <code>1</code>, the dump file includes
                #  a CHANGE MASTER TO statement with the binary log coordinates.
                # If set to <code>2</code>, the CHANGE MASTER TO statement is written as
                #  a SQL comment, and has no effect.
                # All other values are ignored.
          },
          "schemaOnly": True or False, # Export only schemas.
        },
      },
      "insertTime": "A String", # The time this operation was enqueued in UTC timezone in <a
          # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
          # <code>2012-11-15T16:19:00.094Z</code>.
      "targetId": "A String", # Name of the database instance related to this operation.
      "operationType": "A String", # The type of the operation. Valid values are <code>CREATE</code>,
          # <code>DELETE</code>, <code>UPDATE</code>, <code>RESTART</code>,
          # <code>IMPORT</code>, <code>EXPORT</code>, <code>BACKUP_VOLUME</code>,
          # <code>RESTORE_VOLUME</code>, <code>CREATE_USER</code>,
          # <code>DELETE_USER</code>, <code>CREATE_DATABASE</code>,
          # <code>DELETE_DATABASE</code> .
      "user": "A String", # The email address of the user who initiated this operation.
      "startTime": "A String", # The time this operation actually started in UTC timezone in <a
          # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
          # <code>2012-11-15T16:19:00.094Z</code>.
      "error": { # Database instance operation errors list wrapper. # If errors occurred during processing of this operation, this field will be
          # populated.
        "kind": "A String", # This is always <code>sql#operationErrors</code>.
        "errors": [ # The list of errors encountered while processing this operation.
          { # Database instance operation error.
            "kind": "A String", # This is always <code>sql#operationError</code>.
            "code": "A String", # Identifies the specific error that occurred.
            "message": "A String", # Additional information about the error encountered.
          },
        ],
      },
      "endTime": "A String", # The time this operation finished in UTC timezone in <a
          # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
          # <code>2012-11-15T16:19:00.094Z</code>.
      "selfLink": "A String", # The URI of this resource.
      "targetLink": "A String",
    },
    "kind": "A String", # This is always <code>sql#sslCertsInsert</code>.
    "serverCaCert": { # SslCerts Resource # The server Certificate Authority's certificate.  If this is missing you can
        # force a new one to be generated by calling resetSslConfig method on
        # instances resource.
      "certSerialNumber": "A String", # Serial number, as extracted from the certificate.
      "kind": "A String", # This is always <code>sql#sslCert</code>.
      "sha1Fingerprint": "A String", # Sha1 Fingerprint.
      "commonName": "A String", # User supplied name.  Constrained to [a-zA-Z.-_ ]+.
      "instance": "A String", # Name of the database instance.
      "cert": "A String", # PEM representation.
      "expirationTime": "A String", # The time when the certificate expires in <a
          # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
          # <code>2012-11-15T16:19:00.094Z</code>.
      "createTime": "A String", # The time when the certificate was created in <a
          # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
          # <code>2012-11-15T16:19:00.094Z</code>
      "selfLink": "A String", # The URI of this resource.
    },
  }
list(project, instance, x__xgafv=None)
Lists all of the current SSL certificates for the instance.

Args:
  project: string, Project ID of the project that contains the instance. (required)
  instance: string, Cloud SQL instance ID. This does not include the project ID. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # SslCerts list response.
    "items": [ # List of client certificates for the instance.
      { # SslCerts Resource
        "certSerialNumber": "A String", # Serial number, as extracted from the certificate.
        "kind": "A String", # This is always <code>sql#sslCert</code>.
        "sha1Fingerprint": "A String", # Sha1 Fingerprint.
        "commonName": "A String", # User supplied name.  Constrained to [a-zA-Z.-_ ]+.
        "instance": "A String", # Name of the database instance.
        "cert": "A String", # PEM representation.
        "expirationTime": "A String", # The time when the certificate expires in <a
            # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
            # <code>2012-11-15T16:19:00.094Z</code>.
        "createTime": "A String", # The time when the certificate was created in <a
            # href="https://tools.ietf.org/html/rfc3339">RFC 3339</a> format, for example
            # <code>2012-11-15T16:19:00.094Z</code>
        "selfLink": "A String", # The URI of this resource.
      },
    ],
    "kind": "A String", # This is always <code>sql#sslCertsList</code>.
  }