aws-sdk-acmpca 1.26.0 → 1.27.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-acmpca.rb +1 -1
- data/lib/aws-sdk-acmpca/client.rb +701 -134
- data/lib/aws-sdk-acmpca/client_api.rb +78 -10
- data/lib/aws-sdk-acmpca/errors.rb +16 -0
- data/lib/aws-sdk-acmpca/types.rb +416 -87
- metadata +2 -2
@@ -13,7 +13,9 @@ module Aws::ACMPCA
|
|
13
13
|
|
14
14
|
include Seahorse::Model
|
15
15
|
|
16
|
+
ASN1PrintableString64 = Shapes::StringShape.new(name: 'ASN1PrintableString64')
|
16
17
|
ASN1Subject = Shapes::StructureShape.new(name: 'ASN1Subject')
|
18
|
+
AWSPolicy = Shapes::StringShape.new(name: 'AWSPolicy')
|
17
19
|
AccountId = Shapes::StringShape.new(name: 'AccountId')
|
18
20
|
ActionList = Shapes::ListShape.new(name: 'ActionList')
|
19
21
|
ActionType = Shapes::StringShape.new(name: 'ActionType')
|
@@ -44,11 +46,11 @@ module Aws::ACMPCA
|
|
44
46
|
CsrBody = Shapes::StringShape.new(name: 'CsrBody')
|
45
47
|
DeleteCertificateAuthorityRequest = Shapes::StructureShape.new(name: 'DeleteCertificateAuthorityRequest')
|
46
48
|
DeletePermissionRequest = Shapes::StructureShape.new(name: 'DeletePermissionRequest')
|
49
|
+
DeletePolicyRequest = Shapes::StructureShape.new(name: 'DeletePolicyRequest')
|
47
50
|
DescribeCertificateAuthorityAuditReportRequest = Shapes::StructureShape.new(name: 'DescribeCertificateAuthorityAuditReportRequest')
|
48
51
|
DescribeCertificateAuthorityAuditReportResponse = Shapes::StructureShape.new(name: 'DescribeCertificateAuthorityAuditReportResponse')
|
49
52
|
DescribeCertificateAuthorityRequest = Shapes::StructureShape.new(name: 'DescribeCertificateAuthorityRequest')
|
50
53
|
DescribeCertificateAuthorityResponse = Shapes::StructureShape.new(name: 'DescribeCertificateAuthorityResponse')
|
51
|
-
DistinguishedNameQualifierString = Shapes::StringShape.new(name: 'DistinguishedNameQualifierString')
|
52
54
|
FailureReason = Shapes::StringShape.new(name: 'FailureReason')
|
53
55
|
GetCertificateAuthorityCertificateRequest = Shapes::StructureShape.new(name: 'GetCertificateAuthorityCertificateRequest')
|
54
56
|
GetCertificateAuthorityCertificateResponse = Shapes::StructureShape.new(name: 'GetCertificateAuthorityCertificateResponse')
|
@@ -56,6 +58,8 @@ module Aws::ACMPCA
|
|
56
58
|
GetCertificateAuthorityCsrResponse = Shapes::StructureShape.new(name: 'GetCertificateAuthorityCsrResponse')
|
57
59
|
GetCertificateRequest = Shapes::StructureShape.new(name: 'GetCertificateRequest')
|
58
60
|
GetCertificateResponse = Shapes::StructureShape.new(name: 'GetCertificateResponse')
|
61
|
+
GetPolicyRequest = Shapes::StructureShape.new(name: 'GetPolicyRequest')
|
62
|
+
GetPolicyResponse = Shapes::StructureShape.new(name: 'GetPolicyResponse')
|
59
63
|
IdempotencyToken = Shapes::StringShape.new(name: 'IdempotencyToken')
|
60
64
|
ImportCertificateAuthorityCertificateRequest = Shapes::StructureShape.new(name: 'ImportCertificateAuthorityCertificateRequest')
|
61
65
|
Integer1To5000 = Shapes::IntegerShape.new(name: 'Integer1To5000')
|
@@ -76,6 +80,7 @@ module Aws::ACMPCA
|
|
76
80
|
ListPermissionsResponse = Shapes::StructureShape.new(name: 'ListPermissionsResponse')
|
77
81
|
ListTagsRequest = Shapes::StructureShape.new(name: 'ListTagsRequest')
|
78
82
|
ListTagsResponse = Shapes::StructureShape.new(name: 'ListTagsResponse')
|
83
|
+
LockoutPreventedException = Shapes::StructureShape.new(name: 'LockoutPreventedException')
|
79
84
|
MalformedCSRException = Shapes::StructureShape.new(name: 'MalformedCSRException')
|
80
85
|
MalformedCertificateException = Shapes::StructureShape.new(name: 'MalformedCertificateException')
|
81
86
|
MaxResults = Shapes::IntegerShape.new(name: 'MaxResults')
|
@@ -86,14 +91,18 @@ module Aws::ACMPCA
|
|
86
91
|
PermissionList = Shapes::ListShape.new(name: 'PermissionList')
|
87
92
|
PositiveLong = Shapes::IntegerShape.new(name: 'PositiveLong')
|
88
93
|
Principal = Shapes::StringShape.new(name: 'Principal')
|
94
|
+
PutPolicyRequest = Shapes::StructureShape.new(name: 'PutPolicyRequest')
|
89
95
|
RequestAlreadyProcessedException = Shapes::StructureShape.new(name: 'RequestAlreadyProcessedException')
|
90
96
|
RequestFailedException = Shapes::StructureShape.new(name: 'RequestFailedException')
|
91
97
|
RequestInProgressException = Shapes::StructureShape.new(name: 'RequestInProgressException')
|
92
98
|
ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
|
99
|
+
ResourceOwner = Shapes::StringShape.new(name: 'ResourceOwner')
|
93
100
|
RestoreCertificateAuthorityRequest = Shapes::StructureShape.new(name: 'RestoreCertificateAuthorityRequest')
|
94
101
|
RevocationConfiguration = Shapes::StructureShape.new(name: 'RevocationConfiguration')
|
95
102
|
RevocationReason = Shapes::StringShape.new(name: 'RevocationReason')
|
96
103
|
RevokeCertificateRequest = Shapes::StructureShape.new(name: 'RevokeCertificateRequest')
|
104
|
+
S3BucketName = Shapes::StringShape.new(name: 'S3BucketName')
|
105
|
+
S3Key = Shapes::StringShape.new(name: 'S3Key')
|
97
106
|
SigningAlgorithm = Shapes::StringShape.new(name: 'SigningAlgorithm')
|
98
107
|
String = Shapes::StringShape.new(name: 'String')
|
99
108
|
String128 = Shapes::StringShape.new(name: 'String128')
|
@@ -119,10 +128,10 @@ module Aws::ACMPCA
|
|
119
128
|
ASN1Subject.add_member(:country, Shapes::ShapeRef.new(shape: CountryCodeString, location_name: "Country"))
|
120
129
|
ASN1Subject.add_member(:organization, Shapes::ShapeRef.new(shape: String64, location_name: "Organization"))
|
121
130
|
ASN1Subject.add_member(:organizational_unit, Shapes::ShapeRef.new(shape: String64, location_name: "OrganizationalUnit"))
|
122
|
-
ASN1Subject.add_member(:distinguished_name_qualifier, Shapes::ShapeRef.new(shape:
|
131
|
+
ASN1Subject.add_member(:distinguished_name_qualifier, Shapes::ShapeRef.new(shape: ASN1PrintableString64, location_name: "DistinguishedNameQualifier"))
|
123
132
|
ASN1Subject.add_member(:state, Shapes::ShapeRef.new(shape: String128, location_name: "State"))
|
124
133
|
ASN1Subject.add_member(:common_name, Shapes::ShapeRef.new(shape: String64, location_name: "CommonName"))
|
125
|
-
ASN1Subject.add_member(:serial_number, Shapes::ShapeRef.new(shape:
|
134
|
+
ASN1Subject.add_member(:serial_number, Shapes::ShapeRef.new(shape: ASN1PrintableString64, location_name: "SerialNumber"))
|
126
135
|
ASN1Subject.add_member(:locality, Shapes::ShapeRef.new(shape: String128, location_name: "Locality"))
|
127
136
|
ASN1Subject.add_member(:title, Shapes::ShapeRef.new(shape: String64, location_name: "Title"))
|
128
137
|
ASN1Subject.add_member(:surname, Shapes::ShapeRef.new(shape: String40, location_name: "Surname"))
|
@@ -137,6 +146,7 @@ module Aws::ACMPCA
|
|
137
146
|
CertificateAuthorities.member = Shapes::ShapeRef.new(shape: CertificateAuthority)
|
138
147
|
|
139
148
|
CertificateAuthority.add_member(:arn, Shapes::ShapeRef.new(shape: Arn, location_name: "Arn"))
|
149
|
+
CertificateAuthority.add_member(:owner_account, Shapes::ShapeRef.new(shape: AccountId, location_name: "OwnerAccount"))
|
140
150
|
CertificateAuthority.add_member(:created_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedAt"))
|
141
151
|
CertificateAuthority.add_member(:last_state_change_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "LastStateChangeAt"))
|
142
152
|
CertificateAuthority.add_member(:type, Shapes::ShapeRef.new(shape: CertificateAuthorityType, location_name: "Type"))
|
@@ -162,12 +172,12 @@ module Aws::ACMPCA
|
|
162
172
|
ConcurrentModificationException.struct_class = Types::ConcurrentModificationException
|
163
173
|
|
164
174
|
CreateCertificateAuthorityAuditReportRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateAuthorityArn"))
|
165
|
-
CreateCertificateAuthorityAuditReportRequest.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape:
|
175
|
+
CreateCertificateAuthorityAuditReportRequest.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape: S3BucketName, required: true, location_name: "S3BucketName"))
|
166
176
|
CreateCertificateAuthorityAuditReportRequest.add_member(:audit_report_response_format, Shapes::ShapeRef.new(shape: AuditReportResponseFormat, required: true, location_name: "AuditReportResponseFormat"))
|
167
177
|
CreateCertificateAuthorityAuditReportRequest.struct_class = Types::CreateCertificateAuthorityAuditReportRequest
|
168
178
|
|
169
179
|
CreateCertificateAuthorityAuditReportResponse.add_member(:audit_report_id, Shapes::ShapeRef.new(shape: AuditReportId, location_name: "AuditReportId"))
|
170
|
-
CreateCertificateAuthorityAuditReportResponse.add_member(:s3_key, Shapes::ShapeRef.new(shape:
|
180
|
+
CreateCertificateAuthorityAuditReportResponse.add_member(:s3_key, Shapes::ShapeRef.new(shape: S3Key, location_name: "S3Key"))
|
171
181
|
CreateCertificateAuthorityAuditReportResponse.struct_class = Types::CreateCertificateAuthorityAuditReportResponse
|
172
182
|
|
173
183
|
CreateCertificateAuthorityRequest.add_member(:certificate_authority_configuration, Shapes::ShapeRef.new(shape: CertificateAuthorityConfiguration, required: true, location_name: "CertificateAuthorityConfiguration"))
|
@@ -201,13 +211,16 @@ module Aws::ACMPCA
|
|
201
211
|
DeletePermissionRequest.add_member(:source_account, Shapes::ShapeRef.new(shape: AccountId, location_name: "SourceAccount"))
|
202
212
|
DeletePermissionRequest.struct_class = Types::DeletePermissionRequest
|
203
213
|
|
214
|
+
DeletePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "ResourceArn"))
|
215
|
+
DeletePolicyRequest.struct_class = Types::DeletePolicyRequest
|
216
|
+
|
204
217
|
DescribeCertificateAuthorityAuditReportRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateAuthorityArn"))
|
205
218
|
DescribeCertificateAuthorityAuditReportRequest.add_member(:audit_report_id, Shapes::ShapeRef.new(shape: AuditReportId, required: true, location_name: "AuditReportId"))
|
206
219
|
DescribeCertificateAuthorityAuditReportRequest.struct_class = Types::DescribeCertificateAuthorityAuditReportRequest
|
207
220
|
|
208
221
|
DescribeCertificateAuthorityAuditReportResponse.add_member(:audit_report_status, Shapes::ShapeRef.new(shape: AuditReportStatus, location_name: "AuditReportStatus"))
|
209
|
-
DescribeCertificateAuthorityAuditReportResponse.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape:
|
210
|
-
DescribeCertificateAuthorityAuditReportResponse.add_member(:s3_key, Shapes::ShapeRef.new(shape:
|
222
|
+
DescribeCertificateAuthorityAuditReportResponse.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape: S3BucketName, location_name: "S3BucketName"))
|
223
|
+
DescribeCertificateAuthorityAuditReportResponse.add_member(:s3_key, Shapes::ShapeRef.new(shape: S3Key, location_name: "S3Key"))
|
211
224
|
DescribeCertificateAuthorityAuditReportResponse.add_member(:created_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedAt"))
|
212
225
|
DescribeCertificateAuthorityAuditReportResponse.struct_class = Types::DescribeCertificateAuthorityAuditReportResponse
|
213
226
|
|
@@ -238,6 +251,12 @@ module Aws::ACMPCA
|
|
238
251
|
GetCertificateResponse.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: CertificateChain, location_name: "CertificateChain"))
|
239
252
|
GetCertificateResponse.struct_class = Types::GetCertificateResponse
|
240
253
|
|
254
|
+
GetPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "ResourceArn"))
|
255
|
+
GetPolicyRequest.struct_class = Types::GetPolicyRequest
|
256
|
+
|
257
|
+
GetPolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: AWSPolicy, location_name: "Policy"))
|
258
|
+
GetPolicyResponse.struct_class = Types::GetPolicyResponse
|
259
|
+
|
241
260
|
ImportCertificateAuthorityCertificateRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateAuthorityArn"))
|
242
261
|
ImportCertificateAuthorityCertificateRequest.add_member(:certificate, Shapes::ShapeRef.new(shape: CertificateBodyBlob, required: true, location_name: "Certificate"))
|
243
262
|
ImportCertificateAuthorityCertificateRequest.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: CertificateChainBlob, location_name: "CertificateChain"))
|
@@ -280,6 +299,7 @@ module Aws::ACMPCA
|
|
280
299
|
|
281
300
|
ListCertificateAuthoritiesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
|
282
301
|
ListCertificateAuthoritiesRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
|
302
|
+
ListCertificateAuthoritiesRequest.add_member(:resource_owner, Shapes::ShapeRef.new(shape: ResourceOwner, location_name: "ResourceOwner"))
|
283
303
|
ListCertificateAuthoritiesRequest.struct_class = Types::ListCertificateAuthoritiesRequest
|
284
304
|
|
285
305
|
ListCertificateAuthoritiesResponse.add_member(:certificate_authorities, Shapes::ShapeRef.new(shape: CertificateAuthorities, location_name: "CertificateAuthorities"))
|
@@ -304,6 +324,9 @@ module Aws::ACMPCA
|
|
304
324
|
ListTagsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
|
305
325
|
ListTagsResponse.struct_class = Types::ListTagsResponse
|
306
326
|
|
327
|
+
LockoutPreventedException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
|
328
|
+
LockoutPreventedException.struct_class = Types::LockoutPreventedException
|
329
|
+
|
307
330
|
MalformedCSRException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
|
308
331
|
MalformedCSRException.struct_class = Types::MalformedCSRException
|
309
332
|
|
@@ -312,10 +335,10 @@ module Aws::ACMPCA
|
|
312
335
|
|
313
336
|
Permission.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
|
314
337
|
Permission.add_member(:created_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedAt"))
|
315
|
-
Permission.add_member(:principal, Shapes::ShapeRef.new(shape:
|
316
|
-
Permission.add_member(:source_account, Shapes::ShapeRef.new(shape:
|
338
|
+
Permission.add_member(:principal, Shapes::ShapeRef.new(shape: Principal, location_name: "Principal"))
|
339
|
+
Permission.add_member(:source_account, Shapes::ShapeRef.new(shape: AccountId, location_name: "SourceAccount"))
|
317
340
|
Permission.add_member(:actions, Shapes::ShapeRef.new(shape: ActionList, location_name: "Actions"))
|
318
|
-
Permission.add_member(:policy, Shapes::ShapeRef.new(shape:
|
341
|
+
Permission.add_member(:policy, Shapes::ShapeRef.new(shape: AWSPolicy, location_name: "Policy"))
|
319
342
|
Permission.struct_class = Types::Permission
|
320
343
|
|
321
344
|
PermissionAlreadyExistsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
|
@@ -323,6 +346,10 @@ module Aws::ACMPCA
|
|
323
346
|
|
324
347
|
PermissionList.member = Shapes::ShapeRef.new(shape: Permission)
|
325
348
|
|
349
|
+
PutPolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "ResourceArn"))
|
350
|
+
PutPolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: AWSPolicy, required: true, location_name: "Policy"))
|
351
|
+
PutPolicyRequest.struct_class = Types::PutPolicyRequest
|
352
|
+
|
326
353
|
RequestAlreadyProcessedException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
|
327
354
|
RequestAlreadyProcessedException.struct_class = Types::RequestAlreadyProcessedException
|
328
355
|
|
@@ -455,6 +482,20 @@ module Aws::ACMPCA
|
|
455
482
|
o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
|
456
483
|
end)
|
457
484
|
|
485
|
+
api.add_operation(:delete_policy, Seahorse::Model::Operation.new.tap do |o|
|
486
|
+
o.name = "DeletePolicy"
|
487
|
+
o.http_method = "POST"
|
488
|
+
o.http_request_uri = "/"
|
489
|
+
o.input = Shapes::ShapeRef.new(shape: DeletePolicyRequest)
|
490
|
+
o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
|
491
|
+
o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
|
492
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
|
493
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
|
494
|
+
o.errors << Shapes::ShapeRef.new(shape: LockoutPreventedException)
|
495
|
+
o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
|
496
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
497
|
+
end)
|
498
|
+
|
458
499
|
api.add_operation(:describe_certificate_authority, Seahorse::Model::Operation.new.tap do |o|
|
459
500
|
o.name = "DescribeCertificateAuthority"
|
460
501
|
o.http_method = "POST"
|
@@ -513,6 +554,18 @@ module Aws::ACMPCA
|
|
513
554
|
o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
|
514
555
|
end)
|
515
556
|
|
557
|
+
api.add_operation(:get_policy, Seahorse::Model::Operation.new.tap do |o|
|
558
|
+
o.name = "GetPolicy"
|
559
|
+
o.http_method = "POST"
|
560
|
+
o.http_request_uri = "/"
|
561
|
+
o.input = Shapes::ShapeRef.new(shape: GetPolicyRequest)
|
562
|
+
o.output = Shapes::ShapeRef.new(shape: GetPolicyResponse)
|
563
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
|
564
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
|
565
|
+
o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
|
566
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
567
|
+
end)
|
568
|
+
|
516
569
|
api.add_operation(:import_certificate_authority_certificate, Seahorse::Model::Operation.new.tap do |o|
|
517
570
|
o.name = "ImportCertificateAuthorityCertificate"
|
518
571
|
o.http_method = "POST"
|
@@ -595,6 +648,21 @@ module Aws::ACMPCA
|
|
595
648
|
)
|
596
649
|
end)
|
597
650
|
|
651
|
+
api.add_operation(:put_policy, Seahorse::Model::Operation.new.tap do |o|
|
652
|
+
o.name = "PutPolicy"
|
653
|
+
o.http_method = "POST"
|
654
|
+
o.http_request_uri = "/"
|
655
|
+
o.input = Shapes::ShapeRef.new(shape: PutPolicyRequest)
|
656
|
+
o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
|
657
|
+
o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
|
658
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
|
659
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
|
660
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidPolicyException)
|
661
|
+
o.errors << Shapes::ShapeRef.new(shape: LockoutPreventedException)
|
662
|
+
o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
|
663
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
664
|
+
end)
|
665
|
+
|
598
666
|
api.add_operation(:restore_certificate_authority, Seahorse::Model::Operation.new.tap do |o|
|
599
667
|
o.name = "RestoreCertificateAuthority"
|
600
668
|
o.http_method = "POST"
|
@@ -37,6 +37,7 @@ module Aws::ACMPCA
|
|
37
37
|
# * {InvalidStateException}
|
38
38
|
# * {InvalidTagException}
|
39
39
|
# * {LimitExceededException}
|
40
|
+
# * {LockoutPreventedException}
|
40
41
|
# * {MalformedCSRException}
|
41
42
|
# * {MalformedCertificateException}
|
42
43
|
# * {PermissionAlreadyExistsException}
|
@@ -202,6 +203,21 @@ module Aws::ACMPCA
|
|
202
203
|
end
|
203
204
|
end
|
204
205
|
|
206
|
+
class LockoutPreventedException < ServiceError
|
207
|
+
|
208
|
+
# @param [Seahorse::Client::RequestContext] context
|
209
|
+
# @param [String] message
|
210
|
+
# @param [Aws::ACMPCA::Types::LockoutPreventedException] data
|
211
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
212
|
+
super(context, message, data)
|
213
|
+
end
|
214
|
+
|
215
|
+
# @return [String]
|
216
|
+
def message
|
217
|
+
@message || @data[:message]
|
218
|
+
end
|
219
|
+
end
|
220
|
+
|
205
221
|
class MalformedCSRException < ServiceError
|
206
222
|
|
207
223
|
# @param [Seahorse::Client::RequestContext] context
|
data/lib/aws-sdk-acmpca/types.rb
CHANGED
@@ -28,10 +28,10 @@ module Aws::ACMPCA
|
|
28
28
|
# country: "CountryCodeString",
|
29
29
|
# organization: "String64",
|
30
30
|
# organizational_unit: "String64",
|
31
|
-
# distinguished_name_qualifier: "
|
31
|
+
# distinguished_name_qualifier: "ASN1PrintableString64",
|
32
32
|
# state: "String128",
|
33
33
|
# common_name: "String64",
|
34
|
-
# serial_number: "
|
34
|
+
# serial_number: "ASN1PrintableString64",
|
35
35
|
# locality: "String128",
|
36
36
|
# title: "String64",
|
37
37
|
# surname: "String40",
|
@@ -135,19 +135,30 @@ module Aws::ACMPCA
|
|
135
135
|
# Your private CA can issue and revoke X.509 digital certificates.
|
136
136
|
# Digital certificates verify that the entity named in the certificate
|
137
137
|
# **Subject** field owns or controls the public key contained in the
|
138
|
-
# **Subject Public Key Info** field. Call the
|
139
|
-
# action to create your private CA. You
|
140
|
-
#
|
141
|
-
# certificate signing request (CSR). Sign the CSR
|
142
|
-
# CA-hosted or on-premises root or subordinate CA
|
143
|
-
#
|
144
|
-
# certificate into AWS Certificate Manager
|
138
|
+
# **Subject Public Key Info** field. Call the
|
139
|
+
# [CreateCertificateAuthority][1] action to create your private CA. You
|
140
|
+
# must then call the [GetCertificateAuthorityCertificate][2] action to
|
141
|
+
# retrieve a private CA certificate signing request (CSR). Sign the CSR
|
142
|
+
# with your ACM Private CA-hosted or on-premises root or subordinate CA
|
143
|
+
# certificate. Call the [ImportCertificateAuthorityCertificate][3]
|
144
|
+
# action to import the signed certificate into AWS Certificate Manager
|
145
|
+
# (ACM).
|
146
|
+
#
|
147
|
+
#
|
148
|
+
#
|
149
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
150
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_GetCertificateAuthorityCertificate.html
|
151
|
+
# [3]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html
|
145
152
|
#
|
146
153
|
# @!attribute [rw] arn
|
147
154
|
# Amazon Resource Name (ARN) for your private certificate authority
|
148
155
|
# (CA). The format is ` 12345678-1234-1234-1234-123456789012 `.
|
149
156
|
# @return [String]
|
150
157
|
#
|
158
|
+
# @!attribute [rw] owner_account
|
159
|
+
# The AWS account ID that owns the certificate authority.
|
160
|
+
# @return [String]
|
161
|
+
#
|
151
162
|
# @!attribute [rw] created_at
|
152
163
|
# Date and time at which your private CA was created.
|
153
164
|
# @return [Time]
|
@@ -192,13 +203,18 @@ module Aws::ACMPCA
|
|
192
203
|
# @!attribute [rw] restorable_until
|
193
204
|
# The period during which a deleted CA can be restored. For more
|
194
205
|
# information, see the `PermanentDeletionTimeInDays` parameter of the
|
195
|
-
# DeleteCertificateAuthorityRequest action.
|
206
|
+
# [DeleteCertificateAuthorityRequest][1] action.
|
207
|
+
#
|
208
|
+
#
|
209
|
+
#
|
210
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html
|
196
211
|
# @return [Time]
|
197
212
|
#
|
198
213
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CertificateAuthority AWS API Documentation
|
199
214
|
#
|
200
215
|
class CertificateAuthority < Struct.new(
|
201
216
|
:arn,
|
217
|
+
:owner_account,
|
202
218
|
:created_at,
|
203
219
|
:last_state_change_at,
|
204
220
|
:type,
|
@@ -220,7 +236,11 @@ module Aws::ACMPCA
|
|
220
236
|
# issues a certificate. It also includes the signature algorithm that it
|
221
237
|
# uses when issuing certificates, and its X.500 distinguished name. You
|
222
238
|
# must specify this information when you call the
|
223
|
-
# CreateCertificateAuthority action.
|
239
|
+
# [CreateCertificateAuthority][1] action.
|
240
|
+
#
|
241
|
+
#
|
242
|
+
#
|
243
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
224
244
|
#
|
225
245
|
# @note When making an API call, you may pass CertificateAuthorityConfiguration
|
226
246
|
# data as a hash:
|
@@ -232,10 +252,10 @@ module Aws::ACMPCA
|
|
232
252
|
# country: "CountryCodeString",
|
233
253
|
# organization: "String64",
|
234
254
|
# organizational_unit: "String64",
|
235
|
-
# distinguished_name_qualifier: "
|
255
|
+
# distinguished_name_qualifier: "ASN1PrintableString64",
|
236
256
|
# state: "String128",
|
237
257
|
# common_name: "String64",
|
238
|
-
# serial_number: "
|
258
|
+
# serial_number: "ASN1PrintableString64",
|
239
259
|
# locality: "String128",
|
240
260
|
# title: "String64",
|
241
261
|
# surname: "String40",
|
@@ -256,6 +276,9 @@ module Aws::ACMPCA
|
|
256
276
|
# @!attribute [rw] signing_algorithm
|
257
277
|
# Name of the algorithm your private CA uses to sign certificate
|
258
278
|
# requests.
|
279
|
+
#
|
280
|
+
# This parameter should not be confused with the `SigningAlgorithm`
|
281
|
+
# parameter used to sign certificates when they are issued.
|
259
282
|
# @return [String]
|
260
283
|
#
|
261
284
|
# @!attribute [rw] subject
|
@@ -305,7 +328,7 @@ module Aws::ACMPCA
|
|
305
328
|
#
|
306
329
|
# {
|
307
330
|
# certificate_authority_arn: "Arn", # required
|
308
|
-
# s3_bucket_name: "
|
331
|
+
# s3_bucket_name: "S3BucketName", # required
|
309
332
|
# audit_report_response_format: "JSON", # required, accepts JSON, CSV
|
310
333
|
# }
|
311
334
|
#
|
@@ -365,10 +388,10 @@ module Aws::ACMPCA
|
|
365
388
|
# country: "CountryCodeString",
|
366
389
|
# organization: "String64",
|
367
390
|
# organizational_unit: "String64",
|
368
|
-
# distinguished_name_qualifier: "
|
391
|
+
# distinguished_name_qualifier: "ASN1PrintableString64",
|
369
392
|
# state: "String128",
|
370
393
|
# common_name: "String64",
|
371
|
-
# serial_number: "
|
394
|
+
# serial_number: "ASN1PrintableString64",
|
372
395
|
# locality: "String128",
|
373
396
|
# title: "String64",
|
374
397
|
# surname: "String40",
|
@@ -407,7 +430,11 @@ module Aws::ACMPCA
|
|
407
430
|
# ACM Private CA will write the CRL, and an optional CNAME alias that
|
408
431
|
# you can use to hide the name of your bucket in the **CRL
|
409
432
|
# Distribution Points** extension of your CA certificate. For more
|
410
|
-
# information, see the CrlConfiguration structure.
|
433
|
+
# information, see the [CrlConfiguration][1] structure.
|
434
|
+
#
|
435
|
+
#
|
436
|
+
#
|
437
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CrlConfiguration.html
|
411
438
|
# @return [Types::RevocationConfiguration]
|
412
439
|
#
|
413
440
|
# @!attribute [rw] certificate_authority_type
|
@@ -416,22 +443,19 @@ module Aws::ACMPCA
|
|
416
443
|
#
|
417
444
|
# @!attribute [rw] idempotency_token
|
418
445
|
# Alphanumeric string that can be used to distinguish between calls to
|
419
|
-
# **CreateCertificateAuthority**.
|
420
|
-
#
|
421
|
-
#
|
422
|
-
#
|
423
|
-
#
|
424
|
-
#
|
425
|
-
# recognizes that you are requesting multiple certificates.
|
446
|
+
# **CreateCertificateAuthority**. For a given token, ACM Private CA
|
447
|
+
# creates exactly one CA. If you issue a subsequent call using the
|
448
|
+
# same token, ACM Private CA returns the ARN of the existing CA and
|
449
|
+
# takes no further action. If you change the idempotency token across
|
450
|
+
# multiple calls, ACM Private CA creates a unique CA for each unique
|
451
|
+
# token.
|
426
452
|
# @return [String]
|
427
453
|
#
|
428
454
|
# @!attribute [rw] tags
|
429
455
|
# Key-value pairs that will be attached to the new private CA. You can
|
430
456
|
# associate up to 50 tags with a private CA. For information using
|
431
|
-
# tags with
|
432
|
-
#
|
433
|
-
# IAM to manage permissions, see [Controlling Access Using IAM
|
434
|
-
# Tags][1].
|
457
|
+
# tags with IAM to manage permissions, see [Controlling Access Using
|
458
|
+
# IAM Tags][1].
|
435
459
|
#
|
436
460
|
#
|
437
461
|
#
|
@@ -479,11 +503,15 @@ module Aws::ACMPCA
|
|
479
503
|
# @!attribute [rw] certificate_authority_arn
|
480
504
|
# The Amazon Resource Name (ARN) of the CA that grants the
|
481
505
|
# permissions. You can find the ARN by calling the
|
482
|
-
# ListCertificateAuthorities action. This must have the following
|
506
|
+
# [ListCertificateAuthorities][1] action. This must have the following
|
483
507
|
# form:
|
484
508
|
#
|
485
509
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
486
510
|
# `.
|
511
|
+
#
|
512
|
+
#
|
513
|
+
#
|
514
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
487
515
|
# @return [String]
|
488
516
|
#
|
489
517
|
# @!attribute [rw] principal
|
@@ -522,6 +550,9 @@ module Aws::ACMPCA
|
|
522
550
|
# Points** extension of each certificate it issues. Your S3 bucket
|
523
551
|
# policy must give write permission to ACM Private CA.
|
524
552
|
#
|
553
|
+
# ACM Private CAA assets that are stored in Amazon S3 can be protected
|
554
|
+
# with encryption. For more information, see [Encrypting Your CRLs][1].
|
555
|
+
#
|
525
556
|
# Your private CA uses the value in the **ExpirationInDays** parameter
|
526
557
|
# to calculate the **nextUpdate** field in the CRL. The CRL is refreshed
|
527
558
|
# at 1/2 the age of next update or when a certificate is revoked. When a
|
@@ -576,6 +607,10 @@ module Aws::ACMPCA
|
|
576
607
|
#
|
577
608
|
# `openssl crl -inform DER -text -in crl_path -noout`
|
578
609
|
#
|
610
|
+
#
|
611
|
+
#
|
612
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaCreateCa.html#crl-encryption
|
613
|
+
#
|
579
614
|
# @note When making an API call, you may pass CrlConfiguration
|
580
615
|
# data as a hash:
|
581
616
|
#
|
@@ -589,9 +624,14 @@ module Aws::ACMPCA
|
|
589
624
|
# @!attribute [rw] enabled
|
590
625
|
# Boolean value that specifies whether certificate revocation lists
|
591
626
|
# (CRLs) are enabled. You can use this value to enable certificate
|
592
|
-
# revocation for a new CA when you call the
|
593
|
-
# action or for an existing CA when
|
594
|
-
# UpdateCertificateAuthority action.
|
627
|
+
# revocation for a new CA when you call the
|
628
|
+
# [CreateCertificateAuthority][1] action or for an existing CA when
|
629
|
+
# you call the [UpdateCertificateAuthority][2] action.
|
630
|
+
#
|
631
|
+
#
|
632
|
+
#
|
633
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
634
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UpdateCertificateAuthority.html
|
595
635
|
# @return [Boolean]
|
596
636
|
#
|
597
637
|
# @!attribute [rw] expiration_in_days
|
@@ -610,9 +650,13 @@ module Aws::ACMPCA
|
|
610
650
|
# value for the **CustomCname** argument, the name of your S3 bucket
|
611
651
|
# is placed into the **CRL Distribution Points** extension of the
|
612
652
|
# issued certificate. You can change the name of your bucket by
|
613
|
-
# calling the UpdateCertificateAuthority action. You must specify
|
614
|
-
# bucket policy that allows ACM Private CA to write the CRL to your
|
653
|
+
# calling the [UpdateCertificateAuthority][1] action. You must specify
|
654
|
+
# a bucket policy that allows ACM Private CA to write the CRL to your
|
615
655
|
# bucket.
|
656
|
+
#
|
657
|
+
#
|
658
|
+
#
|
659
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UpdateCertificateAuthority.html
|
616
660
|
# @return [String]
|
617
661
|
#
|
618
662
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CrlConfiguration AWS API Documentation
|
@@ -636,10 +680,14 @@ module Aws::ACMPCA
|
|
636
680
|
#
|
637
681
|
# @!attribute [rw] certificate_authority_arn
|
638
682
|
# The Amazon Resource Name (ARN) that was returned when you called
|
639
|
-
# CreateCertificateAuthority. This must have the following form:
|
683
|
+
# [CreateCertificateAuthority][1]. This must have the following form:
|
640
684
|
#
|
641
685
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
642
686
|
# `.
|
687
|
+
#
|
688
|
+
#
|
689
|
+
#
|
690
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
643
691
|
# @return [String]
|
644
692
|
#
|
645
693
|
# @!attribute [rw] permanent_deletion_time_in_days
|
@@ -669,11 +717,15 @@ module Aws::ACMPCA
|
|
669
717
|
# @!attribute [rw] certificate_authority_arn
|
670
718
|
# The Amazon Resource Number (ARN) of the private CA that issued the
|
671
719
|
# permissions. You can find the CA's ARN by calling the
|
672
|
-
# ListCertificateAuthorities action. This must have the following
|
720
|
+
# [ListCertificateAuthorities][1] action. This must have the following
|
673
721
|
# form:
|
674
722
|
#
|
675
723
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
676
724
|
# `.
|
725
|
+
#
|
726
|
+
#
|
727
|
+
#
|
728
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
677
729
|
# @return [String]
|
678
730
|
#
|
679
731
|
# @!attribute [rw] principal
|
@@ -696,6 +748,33 @@ module Aws::ACMPCA
|
|
696
748
|
include Aws::Structure
|
697
749
|
end
|
698
750
|
|
751
|
+
# @note When making an API call, you may pass DeletePolicyRequest
|
752
|
+
# data as a hash:
|
753
|
+
#
|
754
|
+
# {
|
755
|
+
# resource_arn: "Arn", # required
|
756
|
+
# }
|
757
|
+
#
|
758
|
+
# @!attribute [rw] resource_arn
|
759
|
+
# The Amazon Resource Number (ARN) of the private CA that will have
|
760
|
+
# its policy deleted. You can find the CA's ARN by calling the
|
761
|
+
# [ListCertificateAuthorities][1] action. The ARN value must have the
|
762
|
+
# form
|
763
|
+
# `arn:aws:acm-pca:region:account:certificate-authority/01234567-89ab-cdef-0123-0123456789ab`.
|
764
|
+
#
|
765
|
+
#
|
766
|
+
#
|
767
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
768
|
+
# @return [String]
|
769
|
+
#
|
770
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DeletePolicyRequest AWS API Documentation
|
771
|
+
#
|
772
|
+
class DeletePolicyRequest < Struct.new(
|
773
|
+
:resource_arn)
|
774
|
+
SENSITIVE = []
|
775
|
+
include Aws::Structure
|
776
|
+
end
|
777
|
+
|
699
778
|
# @note When making an API call, you may pass DescribeCertificateAuthorityAuditReportRequest
|
700
779
|
# data as a hash:
|
701
780
|
#
|
@@ -714,7 +793,11 @@ module Aws::ACMPCA
|
|
714
793
|
#
|
715
794
|
# @!attribute [rw] audit_report_id
|
716
795
|
# The report ID returned by calling the
|
717
|
-
# CreateCertificateAuthorityAuditReport action.
|
796
|
+
# [CreateCertificateAuthorityAuditReport][1] action.
|
797
|
+
#
|
798
|
+
#
|
799
|
+
#
|
800
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html
|
718
801
|
# @return [String]
|
719
802
|
#
|
720
803
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DescribeCertificateAuthorityAuditReportRequest AWS API Documentation
|
@@ -764,10 +847,14 @@ module Aws::ACMPCA
|
|
764
847
|
#
|
765
848
|
# @!attribute [rw] certificate_authority_arn
|
766
849
|
# The Amazon Resource Name (ARN) that was returned when you called
|
767
|
-
# CreateCertificateAuthority. This must be of the form:
|
850
|
+
# [CreateCertificateAuthority][1]. This must be of the form:
|
768
851
|
#
|
769
852
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
770
853
|
# `.
|
854
|
+
#
|
855
|
+
#
|
856
|
+
#
|
857
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
771
858
|
# @return [String]
|
772
859
|
#
|
773
860
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DescribeCertificateAuthorityRequest AWS API Documentation
|
@@ -779,8 +866,12 @@ module Aws::ACMPCA
|
|
779
866
|
end
|
780
867
|
|
781
868
|
# @!attribute [rw] certificate_authority
|
782
|
-
# A CertificateAuthority structure that contains information
|
783
|
-
# your private CA.
|
869
|
+
# A [CertificateAuthority][1] structure that contains information
|
870
|
+
# about your private CA.
|
871
|
+
#
|
872
|
+
#
|
873
|
+
#
|
874
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CertificateAuthority.html
|
784
875
|
# @return [Types::CertificateAuthority]
|
785
876
|
#
|
786
877
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DescribeCertificateAuthorityResponse AWS API Documentation
|
@@ -844,10 +935,14 @@ module Aws::ACMPCA
|
|
844
935
|
#
|
845
936
|
# @!attribute [rw] certificate_authority_arn
|
846
937
|
# The Amazon Resource Name (ARN) that was returned when you called the
|
847
|
-
# CreateCertificateAuthority action. This must be of the form:
|
938
|
+
# [CreateCertificateAuthority][1] action. This must be of the form:
|
848
939
|
#
|
849
940
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
850
941
|
# `
|
942
|
+
#
|
943
|
+
#
|
944
|
+
#
|
945
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
851
946
|
# @return [String]
|
852
947
|
#
|
853
948
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/GetCertificateAuthorityCsrRequest AWS API Documentation
|
@@ -881,10 +976,14 @@ module Aws::ACMPCA
|
|
881
976
|
#
|
882
977
|
# @!attribute [rw] certificate_authority_arn
|
883
978
|
# The Amazon Resource Name (ARN) that was returned when you called
|
884
|
-
# CreateCertificateAuthority. This must be of the form:
|
979
|
+
# [CreateCertificateAuthority][1]. This must be of the form:
|
885
980
|
#
|
886
981
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
887
982
|
# `.
|
983
|
+
#
|
984
|
+
#
|
985
|
+
#
|
986
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
888
987
|
# @return [String]
|
889
988
|
#
|
890
989
|
# @!attribute [rw] certificate_arn
|
@@ -924,6 +1023,39 @@ module Aws::ACMPCA
|
|
924
1023
|
include Aws::Structure
|
925
1024
|
end
|
926
1025
|
|
1026
|
+
# @note When making an API call, you may pass GetPolicyRequest
|
1027
|
+
# data as a hash:
|
1028
|
+
#
|
1029
|
+
# {
|
1030
|
+
# resource_arn: "Arn", # required
|
1031
|
+
# }
|
1032
|
+
#
|
1033
|
+
# @!attribute [rw] resource_arn
|
1034
|
+
# The Amazon Resource Number (ARN) of the private CA that will have
|
1035
|
+
# its policy retrieved. You can find the CA's ARN by calling the
|
1036
|
+
# ListCertificateAuthorities action.
|
1037
|
+
# @return [String]
|
1038
|
+
#
|
1039
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/GetPolicyRequest AWS API Documentation
|
1040
|
+
#
|
1041
|
+
class GetPolicyRequest < Struct.new(
|
1042
|
+
:resource_arn)
|
1043
|
+
SENSITIVE = []
|
1044
|
+
include Aws::Structure
|
1045
|
+
end
|
1046
|
+
|
1047
|
+
# @!attribute [rw] policy
|
1048
|
+
# The policy attached to the private CA as a JSON document.
|
1049
|
+
# @return [String]
|
1050
|
+
#
|
1051
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/GetPolicyResponse AWS API Documentation
|
1052
|
+
#
|
1053
|
+
class GetPolicyResponse < Struct.new(
|
1054
|
+
:policy)
|
1055
|
+
SENSITIVE = []
|
1056
|
+
include Aws::Structure
|
1057
|
+
end
|
1058
|
+
|
927
1059
|
# @note When making an API call, you may pass ImportCertificateAuthorityCertificateRequest
|
928
1060
|
# data as a hash:
|
929
1061
|
#
|
@@ -935,10 +1067,14 @@ module Aws::ACMPCA
|
|
935
1067
|
#
|
936
1068
|
# @!attribute [rw] certificate_authority_arn
|
937
1069
|
# The Amazon Resource Name (ARN) that was returned when you called
|
938
|
-
# CreateCertificateAuthority. This must be of the form:
|
1070
|
+
# [CreateCertificateAuthority][1]. This must be of the form:
|
939
1071
|
#
|
940
1072
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
941
1073
|
# `
|
1074
|
+
#
|
1075
|
+
#
|
1076
|
+
#
|
1077
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
942
1078
|
# @return [String]
|
943
1079
|
#
|
944
1080
|
# @!attribute [rw] certificate
|
@@ -996,7 +1132,12 @@ module Aws::ACMPCA
|
|
996
1132
|
end
|
997
1133
|
|
998
1134
|
# The token specified in the `NextToken` argument is not valid. Use the
|
999
|
-
# token returned from your previous call to
|
1135
|
+
# token returned from your previous call to
|
1136
|
+
# [ListCertificateAuthorities][1].
|
1137
|
+
#
|
1138
|
+
#
|
1139
|
+
#
|
1140
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
1000
1141
|
#
|
1001
1142
|
# @!attribute [rw] message
|
1002
1143
|
# @return [String]
|
@@ -1009,9 +1150,13 @@ module Aws::ACMPCA
|
|
1009
1150
|
include Aws::Structure
|
1010
1151
|
end
|
1011
1152
|
|
1012
|
-
# The
|
1013
|
-
#
|
1014
|
-
#
|
1153
|
+
# The resource policy is invalid or is missing a required statement. For
|
1154
|
+
# general information about IAM policy and statement structure, see
|
1155
|
+
# [Overview of JSON Policies][1].
|
1156
|
+
#
|
1157
|
+
#
|
1158
|
+
#
|
1159
|
+
# [1]: https://docs.aws.amazon.com/https:/docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json
|
1015
1160
|
#
|
1016
1161
|
# @!attribute [rw] message
|
1017
1162
|
# @return [String]
|
@@ -1037,8 +1182,7 @@ module Aws::ACMPCA
|
|
1037
1182
|
include Aws::Structure
|
1038
1183
|
end
|
1039
1184
|
|
1040
|
-
# The
|
1041
|
-
# cannot be generated.
|
1185
|
+
# The state of the private CA does not allow this action to occur.
|
1042
1186
|
#
|
1043
1187
|
# @!attribute [rw] message
|
1044
1188
|
# @return [String]
|
@@ -1082,10 +1226,14 @@ module Aws::ACMPCA
|
|
1082
1226
|
#
|
1083
1227
|
# @!attribute [rw] certificate_authority_arn
|
1084
1228
|
# The Amazon Resource Name (ARN) that was returned when you called
|
1085
|
-
# CreateCertificateAuthority. This must be of the form:
|
1229
|
+
# [CreateCertificateAuthority][1]. This must be of the form:
|
1086
1230
|
#
|
1087
1231
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
1088
1232
|
# `
|
1233
|
+
#
|
1234
|
+
#
|
1235
|
+
#
|
1236
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
1089
1237
|
# @return [String]
|
1090
1238
|
#
|
1091
1239
|
# @!attribute [rw] csr
|
@@ -1103,23 +1251,55 @@ module Aws::ACMPCA
|
|
1103
1251
|
# `openssl req -new -config openssl_rsa.cnf -extensions usr_cert
|
1104
1252
|
# -newkey rsa:2048 -days -365 -keyout private/test_cert_priv_key.pem
|
1105
1253
|
# -out csr/test_cert_.csr`
|
1254
|
+
#
|
1255
|
+
# Note: A CSR must provide either a *subject name* or a *subject
|
1256
|
+
# alternative name* or the request will be rejected.
|
1106
1257
|
# @return [String]
|
1107
1258
|
#
|
1108
1259
|
# @!attribute [rw] signing_algorithm
|
1109
1260
|
# The name of the algorithm that will be used to sign the certificate
|
1110
1261
|
# to be issued.
|
1262
|
+
#
|
1263
|
+
# This parameter should not be confused with the `SigningAlgorithm`
|
1264
|
+
# parameter used to sign a CSR.
|
1111
1265
|
# @return [String]
|
1112
1266
|
#
|
1113
1267
|
# @!attribute [rw] template_arn
|
1114
1268
|
# Specifies a custom configuration template to use when issuing a
|
1115
1269
|
# certificate. If this parameter is not provided, ACM Private CA
|
1116
|
-
# defaults to the `EndEntityCertificate/V1` template.
|
1270
|
+
# defaults to the `EndEntityCertificate/V1` template. For CA
|
1271
|
+
# certificates, you should choose the shortest path length that meets
|
1272
|
+
# your needs. The path length is indicated by the PathLen*N* portion
|
1273
|
+
# of the ARN, where *N* is the [CA depth][1].
|
1274
|
+
#
|
1275
|
+
# Note: The CA depth configured on a subordinate CA certificate must
|
1276
|
+
# not exceed the limit set by its parents in the CA hierarchy.
|
1117
1277
|
#
|
1118
1278
|
# The following service-owned `TemplateArn` values are supported by
|
1119
1279
|
# ACM Private CA:
|
1120
1280
|
#
|
1281
|
+
# * arn:aws:acm-pca:::template/CodeSigningCertificate/V1
|
1282
|
+
#
|
1283
|
+
# * arn:aws:acm-pca:::template/CodeSigningCertificate\_CSRPassthrough/V1
|
1284
|
+
#
|
1121
1285
|
# * arn:aws:acm-pca:::template/EndEntityCertificate/V1
|
1122
1286
|
#
|
1287
|
+
# * arn:aws:acm-pca:::template/EndEntityCertificate\_CSRPassthrough/V1
|
1288
|
+
#
|
1289
|
+
# * arn:aws:acm-pca:::template/EndEntityClientAuthCertificate/V1
|
1290
|
+
#
|
1291
|
+
# * arn:aws:acm-pca:::template/EndEntityClientAuthCertificate\_CSRPassthrough/V1
|
1292
|
+
#
|
1293
|
+
# * arn:aws:acm-pca:::template/EndEntityServerAuthCertificate/V1
|
1294
|
+
#
|
1295
|
+
# * arn:aws:acm-pca:::template/EndEntityServerAuthCertificate\_CSRPassthrough/V1
|
1296
|
+
#
|
1297
|
+
# * arn:aws:acm-pca:::template/OCSPSigningCertificate/V1
|
1298
|
+
#
|
1299
|
+
# * arn:aws:acm-pca:::template/OCSPSigningCertificate\_CSRPassthrough/V1
|
1300
|
+
#
|
1301
|
+
# * arn:aws:acm-pca:::template/RootCACertificate/V1
|
1302
|
+
#
|
1123
1303
|
# * arn:aws:acm-pca:::template/SubordinateCACertificate\_PathLen0/V1
|
1124
1304
|
#
|
1125
1305
|
# * arn:aws:acm-pca:::template/SubordinateCACertificate\_PathLen1/V1
|
@@ -1128,17 +1308,24 @@ module Aws::ACMPCA
|
|
1128
1308
|
#
|
1129
1309
|
# * arn:aws:acm-pca:::template/SubordinateCACertificate\_PathLen3/V1
|
1130
1310
|
#
|
1131
|
-
#
|
1132
|
-
#
|
1133
|
-
# For more information, see [Using Templates][1].
|
1311
|
+
# For more information, see [Using Templates][2].
|
1134
1312
|
#
|
1135
1313
|
#
|
1136
1314
|
#
|
1137
|
-
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/
|
1315
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaTerms.html#terms-cadepth
|
1316
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html
|
1138
1317
|
# @return [String]
|
1139
1318
|
#
|
1140
1319
|
# @!attribute [rw] validity
|
1141
|
-
#
|
1320
|
+
# Information describing the validity period of the certificate.
|
1321
|
+
#
|
1322
|
+
# When issuing a certificate, ACM Private CA sets the "Not Before"
|
1323
|
+
# date in the validity field to date and time minus 60 minutes. This
|
1324
|
+
# is intended to compensate for time inconsistencies across systems of
|
1325
|
+
# 60 minutes or less.
|
1326
|
+
#
|
1327
|
+
# The validity period configured on a certificate must not exceed the
|
1328
|
+
# limit set by its parents in the CA hierarchy.
|
1142
1329
|
# @return [Types::Validity]
|
1143
1330
|
#
|
1144
1331
|
# @!attribute [rw] idempotency_token
|
@@ -1180,8 +1367,8 @@ module Aws::ACMPCA
|
|
1180
1367
|
include Aws::Structure
|
1181
1368
|
end
|
1182
1369
|
|
1183
|
-
# An ACM Private CA
|
1184
|
-
# returned to determine the
|
1370
|
+
# An ACM Private CA quota has been exceeded. See the exception message
|
1371
|
+
# returned to determine the quota that was exceeded.
|
1185
1372
|
#
|
1186
1373
|
# @!attribute [rw] message
|
1187
1374
|
# @return [String]
|
@@ -1200,6 +1387,7 @@ module Aws::ACMPCA
|
|
1200
1387
|
# {
|
1201
1388
|
# next_token: "NextToken",
|
1202
1389
|
# max_results: 1,
|
1390
|
+
# resource_owner: "SELF", # accepts SELF, OTHER_ACCOUNTS
|
1203
1391
|
# }
|
1204
1392
|
#
|
1205
1393
|
# @!attribute [rw] next_token
|
@@ -1217,11 +1405,17 @@ module Aws::ACMPCA
|
|
1217
1405
|
# value in a subsequent request to retrieve additional items.
|
1218
1406
|
# @return [Integer]
|
1219
1407
|
#
|
1408
|
+
# @!attribute [rw] resource_owner
|
1409
|
+
# Use this parameter to filter the returned set of certificate
|
1410
|
+
# authorities based on their owner. The default is SELF.
|
1411
|
+
# @return [String]
|
1412
|
+
#
|
1220
1413
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/ListCertificateAuthoritiesRequest AWS API Documentation
|
1221
1414
|
#
|
1222
1415
|
class ListCertificateAuthoritiesRequest < Struct.new(
|
1223
1416
|
:next_token,
|
1224
|
-
:max_results
|
1417
|
+
:max_results,
|
1418
|
+
:resource_owner)
|
1225
1419
|
SENSITIVE = []
|
1226
1420
|
include Aws::Structure
|
1227
1421
|
end
|
@@ -1256,11 +1450,15 @@ module Aws::ACMPCA
|
|
1256
1450
|
#
|
1257
1451
|
# @!attribute [rw] certificate_authority_arn
|
1258
1452
|
# The Amazon Resource Number (ARN) of the private CA to inspect. You
|
1259
|
-
# can find the ARN by calling the ListCertificateAuthorities
|
1260
|
-
# This must be of the form:
|
1453
|
+
# can find the ARN by calling the [ListCertificateAuthorities][1]
|
1454
|
+
# action. This must be of the form:
|
1261
1455
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
|
1262
1456
|
# You can get a private CA's ARN by running the
|
1263
|
-
# ListCertificateAuthorities action.
|
1457
|
+
# [ListCertificateAuthorities][1] action.
|
1458
|
+
#
|
1459
|
+
#
|
1460
|
+
#
|
1461
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
1264
1462
|
# @return [String]
|
1265
1463
|
#
|
1266
1464
|
# @!attribute [rw] next_token
|
@@ -1318,10 +1516,14 @@ module Aws::ACMPCA
|
|
1318
1516
|
#
|
1319
1517
|
# @!attribute [rw] certificate_authority_arn
|
1320
1518
|
# The Amazon Resource Name (ARN) that was returned when you called the
|
1321
|
-
# CreateCertificateAuthority action. This must be of the form:
|
1519
|
+
# [CreateCertificateAuthority][1] action. This must be of the form:
|
1322
1520
|
#
|
1323
1521
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
1324
1522
|
# `
|
1523
|
+
#
|
1524
|
+
#
|
1525
|
+
#
|
1526
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
1325
1527
|
# @return [String]
|
1326
1528
|
#
|
1327
1529
|
# @!attribute [rw] next_token
|
@@ -1366,6 +1568,22 @@ module Aws::ACMPCA
|
|
1366
1568
|
include Aws::Structure
|
1367
1569
|
end
|
1368
1570
|
|
1571
|
+
# The current action was prevented because it would lock the caller out
|
1572
|
+
# from performing subsequent actions. Verify that the specified
|
1573
|
+
# parameters would not result in the caller being denied access to the
|
1574
|
+
# resource.
|
1575
|
+
#
|
1576
|
+
# @!attribute [rw] message
|
1577
|
+
# @return [String]
|
1578
|
+
#
|
1579
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/LockoutPreventedException AWS API Documentation
|
1580
|
+
#
|
1581
|
+
class LockoutPreventedException < Struct.new(
|
1582
|
+
:message)
|
1583
|
+
SENSITIVE = []
|
1584
|
+
include Aws::Structure
|
1585
|
+
end
|
1586
|
+
|
1369
1587
|
# The certificate signing request is invalid.
|
1370
1588
|
#
|
1371
1589
|
# @!attribute [rw] message
|
@@ -1397,8 +1615,14 @@ module Aws::ACMPCA
|
|
1397
1615
|
# certificates, you must give the ACM service principal all available
|
1398
1616
|
# permissions (`IssueCertificate`, `GetCertificate`, and
|
1399
1617
|
# `ListPermissions`). Permissions can be assigned with the
|
1400
|
-
# CreatePermission action, removed with the DeletePermission
|
1401
|
-
# listed with the ListPermissions action.
|
1618
|
+
# [CreatePermission][1] action, removed with the [DeletePermission][2]
|
1619
|
+
# action, and listed with the [ListPermissions][3] action.
|
1620
|
+
#
|
1621
|
+
#
|
1622
|
+
#
|
1623
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreatePermission.html
|
1624
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeletePermission.html
|
1625
|
+
# [3]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListPermissions.html
|
1402
1626
|
#
|
1403
1627
|
# @!attribute [rw] certificate_authority_arn
|
1404
1628
|
# The Amazon Resource Number (ARN) of the private CA from which the
|
@@ -1453,6 +1677,48 @@ module Aws::ACMPCA
|
|
1453
1677
|
include Aws::Structure
|
1454
1678
|
end
|
1455
1679
|
|
1680
|
+
# @note When making an API call, you may pass PutPolicyRequest
|
1681
|
+
# data as a hash:
|
1682
|
+
#
|
1683
|
+
# {
|
1684
|
+
# resource_arn: "Arn", # required
|
1685
|
+
# policy: "AWSPolicy", # required
|
1686
|
+
# }
|
1687
|
+
#
|
1688
|
+
# @!attribute [rw] resource_arn
|
1689
|
+
# The Amazon Resource Number (ARN) of the private CA to associate with
|
1690
|
+
# the policy. The ARN of the CA can be found by calling the
|
1691
|
+
# [ListCertificateAuthorities][1] action.
|
1692
|
+
#
|
1693
|
+
#
|
1694
|
+
#
|
1695
|
+
#
|
1696
|
+
#
|
1697
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
1698
|
+
# @return [String]
|
1699
|
+
#
|
1700
|
+
# @!attribute [rw] policy
|
1701
|
+
# The path and filename of a JSON-formatted IAM policy to attach to
|
1702
|
+
# the specified private CA resource. If this policy does not contain
|
1703
|
+
# all required statements or if it includes any statement that is not
|
1704
|
+
# allowed, the `PutPolicy` action returns an `InvalidPolicyException`.
|
1705
|
+
# For information about IAM policy and statement structure, see
|
1706
|
+
# [Overview of JSON Policies][1].
|
1707
|
+
#
|
1708
|
+
#
|
1709
|
+
#
|
1710
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json
|
1711
|
+
# @return [String]
|
1712
|
+
#
|
1713
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/PutPolicyRequest AWS API Documentation
|
1714
|
+
#
|
1715
|
+
class PutPolicyRequest < Struct.new(
|
1716
|
+
:resource_arn,
|
1717
|
+
:policy)
|
1718
|
+
SENSITIVE = []
|
1719
|
+
include Aws::Structure
|
1720
|
+
end
|
1721
|
+
|
1456
1722
|
# Your request has already been completed.
|
1457
1723
|
#
|
1458
1724
|
# @!attribute [rw] message
|
@@ -1492,8 +1758,8 @@ module Aws::ACMPCA
|
|
1492
1758
|
include Aws::Structure
|
1493
1759
|
end
|
1494
1760
|
|
1495
|
-
# A resource such as a private CA, S3 bucket, certificate,
|
1496
|
-
#
|
1761
|
+
# A resource such as a private CA, S3 bucket, certificate, audit report,
|
1762
|
+
# or policy cannot be found.
|
1497
1763
|
#
|
1498
1764
|
# @!attribute [rw] message
|
1499
1765
|
# @return [String]
|
@@ -1515,10 +1781,14 @@ module Aws::ACMPCA
|
|
1515
1781
|
#
|
1516
1782
|
# @!attribute [rw] certificate_authority_arn
|
1517
1783
|
# The Amazon Resource Name (ARN) that was returned when you called the
|
1518
|
-
# CreateCertificateAuthority action. This must be of the form:
|
1784
|
+
# [CreateCertificateAuthority][1] action. This must be of the form:
|
1519
1785
|
#
|
1520
1786
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
1521
1787
|
# `
|
1788
|
+
#
|
1789
|
+
#
|
1790
|
+
#
|
1791
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
1522
1792
|
# @return [String]
|
1523
1793
|
#
|
1524
1794
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/RestoreCertificateAuthorityRequest AWS API Documentation
|
@@ -1530,11 +1800,17 @@ module Aws::ACMPCA
|
|
1530
1800
|
end
|
1531
1801
|
|
1532
1802
|
# Certificate revocation information used by the
|
1533
|
-
# CreateCertificateAuthority and UpdateCertificateAuthority
|
1534
|
-
# Your private certificate authority (CA) can create and
|
1535
|
-
# certificate revocation list (CRL). A CRL contains
|
1536
|
-
# certificates revoked by your CA. For more
|
1537
|
-
# RevokeCertificate.
|
1803
|
+
# [CreateCertificateAuthority][1] and [UpdateCertificateAuthority][2]
|
1804
|
+
# actions. Your private certificate authority (CA) can create and
|
1805
|
+
# maintain a certificate revocation list (CRL). A CRL contains
|
1806
|
+
# information about certificates revoked by your CA. For more
|
1807
|
+
# information, see [RevokeCertificate][3].
|
1808
|
+
#
|
1809
|
+
#
|
1810
|
+
#
|
1811
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
1812
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UpdateCertificateAuthority.html
|
1813
|
+
# [3]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_RevokeCertificate.html
|
1538
1814
|
#
|
1539
1815
|
# @note When making an API call, you may pass RevocationConfiguration
|
1540
1816
|
# data as a hash:
|
@@ -1581,7 +1857,7 @@ module Aws::ACMPCA
|
|
1581
1857
|
# @!attribute [rw] certificate_serial
|
1582
1858
|
# Serial number of the certificate to be revoked. This must be in
|
1583
1859
|
# hexadecimal format. You can retrieve the serial number by calling
|
1584
|
-
# GetCertificate with the Amazon Resource Name (ARN) of the
|
1860
|
+
# [GetCertificate][1] with the Amazon Resource Name (ARN) of the
|
1585
1861
|
# certificate you want and the ARN of your private CA. The
|
1586
1862
|
# **GetCertificate** action retrieves the certificate in the PEM
|
1587
1863
|
# format. You can use the following OpenSSL command to list the
|
@@ -1590,12 +1866,13 @@ module Aws::ACMPCA
|
|
1590
1866
|
# `openssl x509 -in file_path -text -noout`
|
1591
1867
|
#
|
1592
1868
|
# You can also copy the serial number from the console or use the
|
1593
|
-
# [DescribeCertificate][
|
1869
|
+
# [DescribeCertificate][2] action in the *AWS Certificate Manager API
|
1594
1870
|
# Reference*.
|
1595
1871
|
#
|
1596
1872
|
#
|
1597
1873
|
#
|
1598
|
-
# [1]: https://docs.aws.amazon.com/acm/latest/APIReference/
|
1874
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_GetCertificate.html
|
1875
|
+
# [2]: https://docs.aws.amazon.com/acm/latest/APIReference/API_DescribeCertificate.html
|
1599
1876
|
# @return [String]
|
1600
1877
|
#
|
1601
1878
|
# @!attribute [rw] revocation_reason
|
@@ -1615,8 +1892,13 @@ module Aws::ACMPCA
|
|
1615
1892
|
# Tags are labels that you can use to identify and organize your private
|
1616
1893
|
# CAs. Each tag consists of a key and an optional value. You can
|
1617
1894
|
# associate up to 50 tags with a private CA. To add one or more tags to
|
1618
|
-
# a private CA, call the TagCertificateAuthority action. To remove
|
1619
|
-
# tag, call the UntagCertificateAuthority action.
|
1895
|
+
# a private CA, call the [TagCertificateAuthority][1] action. To remove
|
1896
|
+
# a tag, call the [UntagCertificateAuthority][2] action.
|
1897
|
+
#
|
1898
|
+
#
|
1899
|
+
#
|
1900
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_TagCertificateAuthority.html
|
1901
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UntagCertificateAuthority.html
|
1620
1902
|
#
|
1621
1903
|
# @note When making an API call, you may pass Tag
|
1622
1904
|
# data as a hash:
|
@@ -1658,10 +1940,14 @@ module Aws::ACMPCA
|
|
1658
1940
|
#
|
1659
1941
|
# @!attribute [rw] certificate_authority_arn
|
1660
1942
|
# The Amazon Resource Name (ARN) that was returned when you called
|
1661
|
-
# CreateCertificateAuthority. This must be of the form:
|
1943
|
+
# [CreateCertificateAuthority][1]. This must be of the form:
|
1662
1944
|
#
|
1663
1945
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
1664
1946
|
# `
|
1947
|
+
#
|
1948
|
+
#
|
1949
|
+
#
|
1950
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
1665
1951
|
# @return [String]
|
1666
1952
|
#
|
1667
1953
|
# @!attribute [rw] tags
|
@@ -1706,10 +1992,14 @@ module Aws::ACMPCA
|
|
1706
1992
|
#
|
1707
1993
|
# @!attribute [rw] certificate_authority_arn
|
1708
1994
|
# The Amazon Resource Name (ARN) that was returned when you called
|
1709
|
-
# CreateCertificateAuthority. This must be of the form:
|
1995
|
+
# [CreateCertificateAuthority][1]. This must be of the form:
|
1710
1996
|
#
|
1711
1997
|
# `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
|
1712
1998
|
# `
|
1999
|
+
#
|
2000
|
+
#
|
2001
|
+
#
|
2002
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
1713
2003
|
# @return [String]
|
1714
2004
|
#
|
1715
2005
|
# @!attribute [rw] tags
|
@@ -1767,10 +2057,19 @@ module Aws::ACMPCA
|
|
1767
2057
|
include Aws::Structure
|
1768
2058
|
end
|
1769
2059
|
|
1770
|
-
#
|
1771
|
-
#
|
1772
|
-
#
|
1773
|
-
#
|
2060
|
+
# Validity specifies the period of time during which a certificate is
|
2061
|
+
# valid. Validity can be expressed as an explicit date and time when the
|
2062
|
+
# certificate expires, or as a span of time after issuance, stated in
|
2063
|
+
# days, months, or years. For more information, see [Validity][1] in RFC
|
2064
|
+
# 5280.
|
2065
|
+
#
|
2066
|
+
# You can issue a certificate by calling the [IssueCertificate][2]
|
2067
|
+
# action.
|
2068
|
+
#
|
2069
|
+
#
|
2070
|
+
#
|
2071
|
+
# [1]: https://tools.ietf.org/html/rfc5280#section-4.1.2.5
|
2072
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_IssueCertificate.html
|
1774
2073
|
#
|
1775
2074
|
# @note When making an API call, you may pass Validity
|
1776
2075
|
# data as a hash:
|
@@ -1781,12 +2080,42 @@ module Aws::ACMPCA
|
|
1781
2080
|
# }
|
1782
2081
|
#
|
1783
2082
|
# @!attribute [rw] value
|
1784
|
-
#
|
2083
|
+
# A long integer interpreted according to the value of `Type`, below.
|
1785
2084
|
# @return [Integer]
|
1786
2085
|
#
|
1787
2086
|
# @!attribute [rw] type
|
1788
|
-
#
|
1789
|
-
#
|
2087
|
+
# Determines how *ACM Private CA* interprets the `Value` parameter, an
|
2088
|
+
# integer. Supported validity types include those listed below. Type
|
2089
|
+
# definitions with values include a sample input value and the
|
2090
|
+
# resulting output.
|
2091
|
+
#
|
2092
|
+
# `END_DATE`\: The specific date and time when the certificate will
|
2093
|
+
# expire, expressed using UTCTime (YYMMDDHHMMSS) or GeneralizedTime
|
2094
|
+
# (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field
|
2095
|
+
# (YY) is greater than or equal to 50, the year is interpreted as
|
2096
|
+
# 19YY. If the year field is less than 50, the year is interpreted as
|
2097
|
+
# 20YY.
|
2098
|
+
#
|
2099
|
+
# * Sample input value: 491231235959 (UTCTime format)
|
2100
|
+
#
|
2101
|
+
# * Output expiration date/time: 12/31/2049 23:59:59
|
2102
|
+
#
|
2103
|
+
# `ABSOLUTE`\: The specific date and time when the certificate will
|
2104
|
+
# expire, expressed in seconds since the Unix Epoch.
|
2105
|
+
#
|
2106
|
+
# * Sample input value: 2524608000
|
2107
|
+
#
|
2108
|
+
# * Output expiration date/time: 01/01/2050 00:00:00
|
2109
|
+
#
|
2110
|
+
# `DAYS`, `MONTHS`, `YEARS`\: The relative time from the moment of
|
2111
|
+
# issuance until the certificate will expire, expressed in days,
|
2112
|
+
# months, or years.
|
2113
|
+
#
|
2114
|
+
# Example if `DAYS`, issued on 10/12/2020 at 12:34:54 UTC:
|
2115
|
+
#
|
2116
|
+
# * Sample input value: 90
|
2117
|
+
#
|
2118
|
+
# * Output expiration date: 01/10/2020 12:34:54 UTC
|
1790
2119
|
# @return [String]
|
1791
2120
|
#
|
1792
2121
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/Validity AWS API Documentation
|