File: //snap/google-cloud-cli/current/lib/surface/certificate_manager/trust_configs/update.yaml
release_tracks: [ALPHA, BETA, GA]
help_text:
brief: |
Update TrustConfig.
description: |
Update a TrustConfig.
examples: |
To update a TrustConfig, run:
$ {command} my-trust-config --description="updated description" --trust-store=trust-anchors=ta.pem,intermediate-cas="ica1.pem;ica2.pem" --update-labels=my-key1=my-updated-value1 --remove-labels=my-key2
request:
collection: certificatemanager.projects.locations.trustConfigs
api_version: v1
modify_request_hooks:
- googlecloudsdk.command_lib.certificate_manager.hooks:UpdateTrustConfigAllowlistedCertificates
arguments:
resource:
spec: !REF googlecloudsdk.command_lib.certificate_manager.resources:trustConfig
help_text: |
Name of the TrustConfig to update.
params:
- arg_name: description
api_field: trustConfig.description
help_text: |
Human-readable description of the resource.
- arg_name: trust-store
api_field: trustConfig.trustStores
# If no trust stores are provided, the old ones are left and not updated. Even though trust
# stores field is repeated, we only allow to specify one trust store per trust config,
# so we don't introduce the `--add-trust-store` flag or similar for the `update` command.
help_text: |
Trust Store with the given trust anchor and intermediate CA PEM-encoded certificates.
Certificates should be provided in files. For multiple file names, separate them by a semicolon (';') and quote them ('"').
One file can contain multiple certificates.
Intermediate CAs are optional.
Examples:
Single files: --trust-store trust-anchors=ta.pem,intermediate-cas=ica.pem
No intermediate CAs: --trust-store trust-anchors=ta.pem
Multiple files: --trust-store trust-anchors="ta1.pem;ta2.pem",intermediate-cas="ica1.pem;ica2.pem"
type:
arg_dict:
flatten: false
spec:
- arg_name: trust-anchors
api_field: trustAnchors
type: "googlecloudsdk.command_lib.certificate_manager.arg_parsers:SemicolonSeparatedPemCertificatesFilesList:"
required: true
- arg_name: intermediate-cas
api_field: intermediateCas
type: "googlecloudsdk.command_lib.certificate_manager.arg_parsers:SemicolonSeparatedPemCertificatesFilesList:"
required: false
- arg_name: add-allowlisted-certificates
type: "googlecloudsdk.command_lib.certificate_manager.arg_parsers:CommaSeparatedPemCertificatesFilesList:"
help_text: |
Add allowlisted PEM-encoded certificates.
Certificates should be provided in files. For multiple file names, separate them by a comma (',').
One file can contain multiple certificates.
Examples:
Single file: --add-allowlisted-certificates=ac.pem
Multiple files: --add-allowlisted-certificates=ac1.pem,ac2.pem
- group:
mutex: true
params:
- arg_name: remove-allowlisted-certificates
type: "googlecloudsdk.command_lib.certificate_manager.arg_parsers:CommaSeparatedPemCertificatesFilesList:"
help_text: |
Remove allowlisted PEM-encoded certificates.
Certificates should be provided in files. For multiple file names, separate them by a comma (',').
One file can contain multiple certificates.
Examples:
Single file: --remove-allowlisted-certificates=ac.pem
Multiple files: --remove-allowlisted-certificates=ac1.pem,ac2.pem
- arg_name: clear-allowlisted-certificates
type: bool
help_text: |
Clear all allowlisted certificates.
labels:
api_field: trustConfig.labels
async:
collection: certificatemanager.projects.locations.operations
update:
read_modify_update: true