Reference documentation and code samples for the Network Security V1 API class Google::Cloud::NetworkSecurity::V1::BackendAuthenticationConfig.
BackendAuthenticationConfig message groups the TrustConfig together with other settings that control how the load balancer authenticates, and expresses its identity to, the backend:
trustConfigis the attached TrustConfig.wellKnownRootsindicates whether the load balance should trust backend server certificates that are issued by public certificate authorities, in addition to certificates trusted by the TrustConfig.clientCertificateis a client certificate that the load balancer uses to express its identity to the backend, if the connection to the backend uses mTLS.
You can attach the BackendAuthenticationConfig to the load balancer's BackendService directly determining how that BackendService negotiates TLS.
Inherits
- Object
Extended By
- Google::Protobuf::MessageExts::ClassMethods
Includes
- Google::Protobuf::MessageExts
Methods
#client_certificate
def client_certificate() -> ::String-
(::String) — Optional. A reference to a certificatemanager.googleapis.com.Certificate
resource. This is a relative resource path following the form
"projects/{project}/locations/{location}/certificates/{certificate}".
Used by a BackendService to negotiate mTLS when the backend connection uses TLS and the backend requests a client certificate. Must have a CLIENT_AUTH scope.
#client_certificate=
def client_certificate=(value) -> ::String-
value (::String) — Optional. A reference to a certificatemanager.googleapis.com.Certificate
resource. This is a relative resource path following the form
"projects/{project}/locations/{location}/certificates/{certificate}".
Used by a BackendService to negotiate mTLS when the backend connection uses TLS and the backend requests a client certificate. Must have a CLIENT_AUTH scope.
-
(::String) — Optional. A reference to a certificatemanager.googleapis.com.Certificate
resource. This is a relative resource path following the form
"projects/{project}/locations/{location}/certificates/{certificate}".
Used by a BackendService to negotiate mTLS when the backend connection uses TLS and the backend requests a client certificate. Must have a CLIENT_AUTH scope.
#create_time
def create_time() -> ::Google::Protobuf::Timestamp- (::Google::Protobuf::Timestamp) — Output only. The timestamp when the resource was created.
#description
def description() -> ::String- (::String) — Optional. Free-text description of the resource.
#description=
def description=(value) -> ::String- value (::String) — Optional. Free-text description of the resource.
- (::String) — Optional. Free-text description of the resource.
#etag
def etag() -> ::String- (::String) — Output only. Etag of the resource.
#labels
def labels() -> ::Google::Protobuf::Map{::String => ::String}- (::Google::Protobuf::Map{::String => ::String}) — Set of label tags associated with the resource.
#labels=
def labels=(value) -> ::Google::Protobuf::Map{::String => ::String}- value (::Google::Protobuf::Map{::String => ::String}) — Set of label tags associated with the resource.
- (::Google::Protobuf::Map{::String => ::String}) — Set of label tags associated with the resource.
#name
def name() -> ::String-
(::String) — Required. Name of the BackendAuthenticationConfig resource. It matches the
pattern
projects/*/locations/{location}/backendAuthenticationConfigs/{backend_authentication_config}
#name=
def name=(value) -> ::String-
value (::String) — Required. Name of the BackendAuthenticationConfig resource. It matches the
pattern
projects/*/locations/{location}/backendAuthenticationConfigs/{backend_authentication_config}
-
(::String) — Required. Name of the BackendAuthenticationConfig resource. It matches the
pattern
projects/*/locations/{location}/backendAuthenticationConfigs/{backend_authentication_config}
#trust_config
def trust_config() -> ::String-
(::String) — Optional. A reference to a TrustConfig resource from the
certificatemanager.googleapis.com namespace. This is a relative resource
path following the form
"projects/{project}/locations/{location}/trustConfigs/{trust_config}".
A BackendService uses the chain of trust represented by this TrustConfig, if specified, to validate the server certificates presented by the backend. Required unless wellKnownRoots is set to PUBLIC_ROOTS.
#trust_config=
def trust_config=(value) -> ::String-
value (::String) — Optional. A reference to a TrustConfig resource from the
certificatemanager.googleapis.com namespace. This is a relative resource
path following the form
"projects/{project}/locations/{location}/trustConfigs/{trust_config}".
A BackendService uses the chain of trust represented by this TrustConfig, if specified, to validate the server certificates presented by the backend. Required unless wellKnownRoots is set to PUBLIC_ROOTS.
-
(::String) — Optional. A reference to a TrustConfig resource from the
certificatemanager.googleapis.com namespace. This is a relative resource
path following the form
"projects/{project}/locations/{location}/trustConfigs/{trust_config}".
A BackendService uses the chain of trust represented by this TrustConfig, if specified, to validate the server certificates presented by the backend. Required unless wellKnownRoots is set to PUBLIC_ROOTS.
#update_time
def update_time() -> ::Google::Protobuf::Timestamp- (::Google::Protobuf::Timestamp) — Output only. The timestamp when the resource was updated.
#well_known_roots
def well_known_roots() -> ::Google::Cloud::NetworkSecurity::V1::BackendAuthenticationConfig::WellKnownRoots- (::Google::Cloud::NetworkSecurity::V1::BackendAuthenticationConfig::WellKnownRoots) — Well known roots to use for server certificate validation.
#well_known_roots=
def well_known_roots=(value) -> ::Google::Cloud::NetworkSecurity::V1::BackendAuthenticationConfig::WellKnownRoots- value (::Google::Cloud::NetworkSecurity::V1::BackendAuthenticationConfig::WellKnownRoots) — Well known roots to use for server certificate validation.
- (::Google::Cloud::NetworkSecurity::V1::BackendAuthenticationConfig::WellKnownRoots) — Well known roots to use for server certificate validation.