aws-sdk-acmpca 1.37.0 → 1.41.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-acmpca/client.rb +41 -18
- data/lib/aws-sdk-acmpca/client_api.rb +6 -0
- data/lib/aws-sdk-acmpca/types.rb +113 -18
- data/lib/aws-sdk-acmpca.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dd2b38646e84ea0afef75bf008ac35861406a7501e594035650fb69897588560
|
4
|
+
data.tar.gz: 6957d148059e487523bea6c035c9a28d5b6896d3082dcfe52d802a2423ddae23
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 82e1b5968a98b3aaba2a85e44992e0721bbf5ecc1d87fdd65c03105737816a86d4b52fb4a5fd34e799b0533cc8df4ee7e7bd5eb641cd5371c313273aef6d9224
|
7
|
+
data.tar.gz: 80cb6094282be6f7ca7db24547c6f6d5cf6d50085f0c851793eba43183d40f6a1259cecdcd067d1c84542a0e33e33fa329bab72468c1d4750fadeefe3a039e8d
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,26 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.41.0 (2021-10-18)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
1.40.0 (2021-09-02)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Private Certificate Authority Service now allows customers to enable an online certificate status protocol (OCSP) responder service on their private certificate authorities. Customers can also optionally configure a custom CNAME for their OCSP responder.
|
13
|
+
|
14
|
+
1.39.0 (2021-09-01)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
18
|
+
|
19
|
+
1.38.0 (2021-07-30)
|
20
|
+
------------------
|
21
|
+
|
22
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
23
|
+
|
4
24
|
1.37.0 (2021-07-28)
|
5
25
|
------------------
|
6
26
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.41.0
|
@@ -338,17 +338,19 @@ module Aws::ACMPCA
|
|
338
338
|
# @!group API Operations
|
339
339
|
|
340
340
|
# Creates a root or subordinate private certificate authority (CA). You
|
341
|
-
# must specify the CA configuration,
|
342
|
-
#
|
343
|
-
#
|
341
|
+
# must specify the CA configuration, an optional configuration for
|
342
|
+
# Online Certificate Status Protocol (OCSP) and/or a certificate
|
343
|
+
# revocation list (CRL), the CA type, and an optional idempotency token
|
344
|
+
# to avoid accidental creation of multiple CAs. The CA configuration
|
344
345
|
# specifies the name of the algorithm and key size to be used to create
|
345
346
|
# the CA private key, the type of signing algorithm that the CA uses,
|
346
|
-
# and X.500 subject information. The
|
347
|
-
#
|
348
|
-
#
|
349
|
-
#
|
350
|
-
#
|
351
|
-
# CA.
|
347
|
+
# and X.500 subject information. The OCSP configuration can optionally
|
348
|
+
# specify a custom URL for the OCSP responder. The CRL configuration
|
349
|
+
# specifies the CRL expiration period in days (the validity period of
|
350
|
+
# the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME
|
351
|
+
# alias for the S3 bucket that is included in certificates issued by the
|
352
|
+
# CA. If successful, this action returns the Amazon Resource Name (ARN)
|
353
|
+
# of the CA.
|
352
354
|
#
|
353
355
|
# ACM Private CA assets that are stored in Amazon S3 can be protected
|
354
356
|
# with encryption. For more information, see [Encrypting Your CRLs][1].
|
@@ -370,16 +372,16 @@ module Aws::ACMPCA
|
|
370
372
|
# signing algorithm, and X.500 certificate subject information.
|
371
373
|
#
|
372
374
|
# @option params [Types::RevocationConfiguration] :revocation_configuration
|
373
|
-
# Contains
|
374
|
-
#
|
375
|
-
#
|
376
|
-
#
|
377
|
-
#
|
378
|
-
# the [CrlConfiguration][1] structure.
|
375
|
+
# Contains information to enable Online Certificate Status Protocol
|
376
|
+
# (OCSP) support, to enable a certificate revocation list (CRL), to
|
377
|
+
# enable both, or to enable neither. The default is for both certificate
|
378
|
+
# validation mechanisms to be disabled. For more information, see the
|
379
|
+
# [OcspConfiguration][1] and [CrlConfiguration][2] types.
|
379
380
|
#
|
380
381
|
#
|
381
382
|
#
|
382
|
-
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/
|
383
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_OcspConfiguration.html
|
384
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CrlConfiguration.html
|
383
385
|
#
|
384
386
|
# @option params [required, String] :certificate_authority_type
|
385
387
|
# The type of the certificate authority.
|
@@ -505,6 +507,10 @@ module Aws::ACMPCA
|
|
505
507
|
# s3_bucket_name: "String3To255",
|
506
508
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
507
509
|
# },
|
510
|
+
# ocsp_configuration: {
|
511
|
+
# enabled: false, # required
|
512
|
+
# ocsp_custom_cname: "String253",
|
513
|
+
# },
|
508
514
|
# },
|
509
515
|
# certificate_authority_type: "ROOT", # required, accepts ROOT, SUBORDINATE
|
510
516
|
# idempotency_token: "IdempotencyToken",
|
@@ -999,6 +1005,8 @@ module Aws::ACMPCA
|
|
999
1005
|
# resp.certificate_authority.revocation_configuration.crl_configuration.custom_cname #=> String
|
1000
1006
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
1001
1007
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
|
1008
|
+
# resp.certificate_authority.revocation_configuration.ocsp_configuration.enabled #=> Boolean
|
1009
|
+
# resp.certificate_authority.revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
|
1002
1010
|
# resp.certificate_authority.restorable_until #=> Time
|
1003
1011
|
# resp.certificate_authority.key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
|
1004
1012
|
#
|
@@ -1805,6 +1813,8 @@ module Aws::ACMPCA
|
|
1805
1813
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.custom_cname #=> String
|
1806
1814
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
1807
1815
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
|
1816
|
+
# resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.enabled #=> Boolean
|
1817
|
+
# resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
|
1808
1818
|
# resp.certificate_authorities[0].restorable_until #=> Time
|
1809
1819
|
# resp.certificate_authorities[0].key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
|
1810
1820
|
# resp.next_token #=> String
|
@@ -2316,7 +2326,16 @@ module Aws::ACMPCA
|
|
2316
2326
|
# `
|
2317
2327
|
#
|
2318
2328
|
# @option params [Types::RevocationConfiguration] :revocation_configuration
|
2319
|
-
#
|
2329
|
+
# Contains information to enable Online Certificate Status Protocol
|
2330
|
+
# (OCSP) support, to enable a certificate revocation list (CRL), to
|
2331
|
+
# enable both, or to enable neither. If this parameter is not supplied,
|
2332
|
+
# existing capibilites remain unchanged. For more information, see the
|
2333
|
+
# [OcspConfiguration][1] and [CrlConfiguration][2] types.
|
2334
|
+
#
|
2335
|
+
#
|
2336
|
+
#
|
2337
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_OcspConfiguration.html
|
2338
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CrlConfiguration.html
|
2320
2339
|
#
|
2321
2340
|
# @option params [String] :status
|
2322
2341
|
# Status of your private CA.
|
@@ -2335,6 +2354,10 @@ module Aws::ACMPCA
|
|
2335
2354
|
# s3_bucket_name: "String3To255",
|
2336
2355
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
2337
2356
|
# },
|
2357
|
+
# ocsp_configuration: {
|
2358
|
+
# enabled: false, # required
|
2359
|
+
# ocsp_custom_cname: "String253",
|
2360
|
+
# },
|
2338
2361
|
# },
|
2339
2362
|
# status: "CREATING", # accepts CREATING, PENDING_CERTIFICATE, ACTIVE, DELETED, DISABLED, EXPIRED, FAILED
|
2340
2363
|
# })
|
@@ -2361,7 +2384,7 @@ module Aws::ACMPCA
|
|
2361
2384
|
params: params,
|
2362
2385
|
config: config)
|
2363
2386
|
context[:gem_name] = 'aws-sdk-acmpca'
|
2364
|
-
context[:gem_version] = '1.
|
2387
|
+
context[:gem_version] = '1.41.0'
|
2365
2388
|
Seahorse::Client::Request.new(handlers, context)
|
2366
2389
|
end
|
2367
2390
|
|
@@ -102,6 +102,7 @@ module Aws::ACMPCA
|
|
102
102
|
MalformedCertificateException = Shapes::StructureShape.new(name: 'MalformedCertificateException')
|
103
103
|
MaxResults = Shapes::IntegerShape.new(name: 'MaxResults')
|
104
104
|
NextToken = Shapes::StringShape.new(name: 'NextToken')
|
105
|
+
OcspConfiguration = Shapes::StructureShape.new(name: 'OcspConfiguration')
|
105
106
|
OtherName = Shapes::StructureShape.new(name: 'OtherName')
|
106
107
|
PermanentDeletionTimeInDays = Shapes::IntegerShape.new(name: 'PermanentDeletionTimeInDays')
|
107
108
|
Permission = Shapes::StructureShape.new(name: 'Permission')
|
@@ -424,6 +425,10 @@ module Aws::ACMPCA
|
|
424
425
|
MalformedCertificateException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
|
425
426
|
MalformedCertificateException.struct_class = Types::MalformedCertificateException
|
426
427
|
|
428
|
+
OcspConfiguration.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "Enabled", metadata: {"box"=>true}))
|
429
|
+
OcspConfiguration.add_member(:ocsp_custom_cname, Shapes::ShapeRef.new(shape: String253, location_name: "OcspCustomCname"))
|
430
|
+
OcspConfiguration.struct_class = Types::OcspConfiguration
|
431
|
+
|
427
432
|
OtherName.add_member(:type_id, Shapes::ShapeRef.new(shape: CustomObjectIdentifier, required: true, location_name: "TypeId"))
|
428
433
|
OtherName.add_member(:value, Shapes::ShapeRef.new(shape: String256, required: true, location_name: "Value"))
|
429
434
|
OtherName.struct_class = Types::OtherName
|
@@ -474,6 +479,7 @@ module Aws::ACMPCA
|
|
474
479
|
RestoreCertificateAuthorityRequest.struct_class = Types::RestoreCertificateAuthorityRequest
|
475
480
|
|
476
481
|
RevocationConfiguration.add_member(:crl_configuration, Shapes::ShapeRef.new(shape: CrlConfiguration, location_name: "CrlConfiguration"))
|
482
|
+
RevocationConfiguration.add_member(:ocsp_configuration, Shapes::ShapeRef.new(shape: OcspConfiguration, location_name: "OcspConfiguration"))
|
477
483
|
RevocationConfiguration.struct_class = Types::RevocationConfiguration
|
478
484
|
|
479
485
|
RevokeCertificateRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateAuthorityArn"))
|
data/lib/aws-sdk-acmpca/types.rb
CHANGED
@@ -418,7 +418,8 @@ module Aws::ACMPCA
|
|
418
418
|
# @return [Types::CertificateAuthorityConfiguration]
|
419
419
|
#
|
420
420
|
# @!attribute [rw] revocation_configuration
|
421
|
-
# Information about the
|
421
|
+
# Information about the Online Certificate Status Protocol (OCSP)
|
422
|
+
# configuration or certificate revocation list (CRL) created and
|
422
423
|
# maintained by your private CA.
|
423
424
|
# @return [Types::RevocationConfiguration]
|
424
425
|
#
|
@@ -756,6 +757,10 @@ module Aws::ACMPCA
|
|
756
757
|
# s3_bucket_name: "String3To255",
|
757
758
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
758
759
|
# },
|
760
|
+
# ocsp_configuration: {
|
761
|
+
# enabled: false, # required
|
762
|
+
# ocsp_custom_cname: "String253",
|
763
|
+
# },
|
759
764
|
# },
|
760
765
|
# certificate_authority_type: "ROOT", # required, accepts ROOT, SUBORDINATE
|
761
766
|
# idempotency_token: "IdempotencyToken",
|
@@ -774,16 +779,17 @@ module Aws::ACMPCA
|
|
774
779
|
# @return [Types::CertificateAuthorityConfiguration]
|
775
780
|
#
|
776
781
|
# @!attribute [rw] revocation_configuration
|
777
|
-
# Contains
|
778
|
-
#
|
779
|
-
#
|
780
|
-
#
|
781
|
-
#
|
782
|
-
#
|
782
|
+
# Contains information to enable Online Certificate Status Protocol
|
783
|
+
# (OCSP) support, to enable a certificate revocation list (CRL), to
|
784
|
+
# enable both, or to enable neither. The default is for both
|
785
|
+
# certificate validation mechanisms to be disabled. For more
|
786
|
+
# information, see the [OcspConfiguration][1] and
|
787
|
+
# [CrlConfiguration][2] types.
|
783
788
|
#
|
784
789
|
#
|
785
790
|
#
|
786
|
-
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/
|
791
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_OcspConfiguration.html
|
792
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CrlConfiguration.html
|
787
793
|
# @return [Types::RevocationConfiguration]
|
788
794
|
#
|
789
795
|
# @!attribute [rw] certificate_authority_type
|
@@ -927,6 +933,10 @@ module Aws::ACMPCA
|
|
927
933
|
# generated and in the next audit report. Only time valid certificates
|
928
934
|
# are listed in the CRL. Expired certificates are not included.
|
929
935
|
#
|
936
|
+
# A CRL is typically updated approximately 30 minutes after a
|
937
|
+
# certificate is revoked. If for any reason a CRL update fails, ACM
|
938
|
+
# Private CA makes further attempts every 15 minutes.
|
939
|
+
#
|
930
940
|
# CRLs contain the following fields:
|
931
941
|
#
|
932
942
|
# * **Version**\: The current version number defined in RFC 5280 is V2.
|
@@ -974,9 +984,14 @@ module Aws::ACMPCA
|
|
974
984
|
#
|
975
985
|
# `openssl crl -inform DER -text -in crl_path -noout`
|
976
986
|
#
|
987
|
+
# For more information, see [Planning a certificate revocation list
|
988
|
+
# (CRL)][2] in the *AWS Certificate Manager Private Certificate
|
989
|
+
# Authority (PCA) User Guide*
|
990
|
+
#
|
977
991
|
#
|
978
992
|
#
|
979
993
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaCreateCa.html#crl-encryption
|
994
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/crl-planning.html
|
980
995
|
#
|
981
996
|
# @note When making an API call, you may pass CrlConfiguration
|
982
997
|
# data as a hash:
|
@@ -1018,9 +1033,9 @@ module Aws::ACMPCA
|
|
1018
1033
|
# value for the **CustomCname** argument, the name of your S3 bucket
|
1019
1034
|
# is placed into the **CRL Distribution Points** extension of the
|
1020
1035
|
# issued certificate. You can change the name of your bucket by
|
1021
|
-
# calling the [UpdateCertificateAuthority][1]
|
1022
|
-
# a [bucket policy][2] that allows ACM Private CA to write the
|
1023
|
-
# your bucket.
|
1036
|
+
# calling the [UpdateCertificateAuthority][1] operation. You must
|
1037
|
+
# specify a [bucket policy][2] that allows ACM Private CA to write the
|
1038
|
+
# CRL to your bucket.
|
1024
1039
|
#
|
1025
1040
|
#
|
1026
1041
|
#
|
@@ -2553,6 +2568,52 @@ module Aws::ACMPCA
|
|
2553
2568
|
include Aws::Structure
|
2554
2569
|
end
|
2555
2570
|
|
2571
|
+
# Contains information to enable and configure Online Certificate Status
|
2572
|
+
# Protocol (OCSP) for validating certificate revocation status.
|
2573
|
+
#
|
2574
|
+
# When you revoke a certificate, OCSP responses may take up to 60
|
2575
|
+
# minutes to reflect the new status.
|
2576
|
+
#
|
2577
|
+
# @note When making an API call, you may pass OcspConfiguration
|
2578
|
+
# data as a hash:
|
2579
|
+
#
|
2580
|
+
# {
|
2581
|
+
# enabled: false, # required
|
2582
|
+
# ocsp_custom_cname: "String253",
|
2583
|
+
# }
|
2584
|
+
#
|
2585
|
+
# @!attribute [rw] enabled
|
2586
|
+
# Flag enabling use of the Online Certificate Status Protocol (OCSP)
|
2587
|
+
# for validating certificate revocation status.
|
2588
|
+
# @return [Boolean]
|
2589
|
+
#
|
2590
|
+
# @!attribute [rw] ocsp_custom_cname
|
2591
|
+
# By default, ACM Private CA injects an AWS domain into certificates
|
2592
|
+
# being validated by the Online Certificate Status Protocol (OCSP). A
|
2593
|
+
# customer can alternatively use this object to define a CNAME
|
2594
|
+
# specifying a customized OCSP domain.
|
2595
|
+
#
|
2596
|
+
# Note: The value of the CNAME must not include a protocol prefix such
|
2597
|
+
# as "http://" or "https://".
|
2598
|
+
#
|
2599
|
+
# For more information, see [Customizing Online Certificate Status
|
2600
|
+
# Protocol (OCSP) ][1] in the *AWS Certificate Manager Private
|
2601
|
+
# Certificate Authority (PCA) User Guide*.
|
2602
|
+
#
|
2603
|
+
#
|
2604
|
+
#
|
2605
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/ocsp-customize.html
|
2606
|
+
# @return [String]
|
2607
|
+
#
|
2608
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/OcspConfiguration AWS API Documentation
|
2609
|
+
#
|
2610
|
+
class OcspConfiguration < Struct.new(
|
2611
|
+
:enabled,
|
2612
|
+
:ocsp_custom_cname)
|
2613
|
+
SENSITIVE = []
|
2614
|
+
include Aws::Structure
|
2615
|
+
end
|
2616
|
+
|
2556
2617
|
# Defines a custom ASN.1 X.400 `GeneralName` using an object identifier
|
2557
2618
|
# (OID) and value. The OID must satisfy the regular expression shown
|
2558
2619
|
# below. For more information, see NIST's definition of [Object
|
@@ -2879,16 +2940,21 @@ module Aws::ACMPCA
|
|
2879
2940
|
|
2880
2941
|
# Certificate revocation information used by the
|
2881
2942
|
# [CreateCertificateAuthority][1] and [UpdateCertificateAuthority][2]
|
2882
|
-
# actions. Your private certificate authority (CA) can
|
2883
|
-
#
|
2884
|
-
#
|
2885
|
-
#
|
2943
|
+
# actions. Your private certificate authority (CA) can configure Online
|
2944
|
+
# Certificate Status Protocol (OCSP) support and/or maintain a
|
2945
|
+
# certificate revocation list (CRL). OCSP returns validation information
|
2946
|
+
# about certificates as requested by clients, and a CRL contains an
|
2947
|
+
# updated list of certificates revoked by your CA. For more information,
|
2948
|
+
# see [RevokeCertificate][3] and [Setting up a certificate revocation
|
2949
|
+
# method][4] in the *AWS Certificate Manager Private Certificate
|
2950
|
+
# Authority (PCA) User Guide*.
|
2886
2951
|
#
|
2887
2952
|
#
|
2888
2953
|
#
|
2889
2954
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html
|
2890
2955
|
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UpdateCertificateAuthority.html
|
2891
2956
|
# [3]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_RevokeCertificate.html
|
2957
|
+
# [4]: https://docs.aws.amazon.com/acm-pca/latest/userguide/revocation-setup.html
|
2892
2958
|
#
|
2893
2959
|
# @note When making an API call, you may pass RevocationConfiguration
|
2894
2960
|
# data as a hash:
|
@@ -2901,17 +2967,32 @@ module Aws::ACMPCA
|
|
2901
2967
|
# s3_bucket_name: "String3To255",
|
2902
2968
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
2903
2969
|
# },
|
2970
|
+
# ocsp_configuration: {
|
2971
|
+
# enabled: false, # required
|
2972
|
+
# ocsp_custom_cname: "String253",
|
2973
|
+
# },
|
2904
2974
|
# }
|
2905
2975
|
#
|
2906
2976
|
# @!attribute [rw] crl_configuration
|
2907
2977
|
# Configuration of the certificate revocation list (CRL), if any,
|
2908
|
-
# maintained by your private CA.
|
2978
|
+
# maintained by your private CA. A CRL is typically updated
|
2979
|
+
# approximately 30 minutes after a certificate is revoked. If for any
|
2980
|
+
# reason a CRL update fails, ACM Private CA makes further attempts
|
2981
|
+
# every 15 minutes.
|
2909
2982
|
# @return [Types::CrlConfiguration]
|
2910
2983
|
#
|
2984
|
+
# @!attribute [rw] ocsp_configuration
|
2985
|
+
# Configuration of Online Certificate Status Protocol (OCSP) support,
|
2986
|
+
# if any, maintained by your private CA. When you revoke a
|
2987
|
+
# certificate, OCSP responses may take up to 60 minutes to reflect the
|
2988
|
+
# new status.
|
2989
|
+
# @return [Types::OcspConfiguration]
|
2990
|
+
#
|
2911
2991
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/RevocationConfiguration AWS API Documentation
|
2912
2992
|
#
|
2913
2993
|
class RevocationConfiguration < Struct.new(
|
2914
|
-
:crl_configuration
|
2994
|
+
:crl_configuration,
|
2995
|
+
:ocsp_configuration)
|
2915
2996
|
SENSITIVE = []
|
2916
2997
|
include Aws::Structure
|
2917
2998
|
end
|
@@ -3107,6 +3188,10 @@ module Aws::ACMPCA
|
|
3107
3188
|
# s3_bucket_name: "String3To255",
|
3108
3189
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
3109
3190
|
# },
|
3191
|
+
# ocsp_configuration: {
|
3192
|
+
# enabled: false, # required
|
3193
|
+
# ocsp_custom_cname: "String253",
|
3194
|
+
# },
|
3110
3195
|
# },
|
3111
3196
|
# status: "CREATING", # accepts CREATING, PENDING_CERTIFICATE, ACTIVE, DELETED, DISABLED, EXPIRED, FAILED
|
3112
3197
|
# }
|
@@ -3120,7 +3205,17 @@ module Aws::ACMPCA
|
|
3120
3205
|
# @return [String]
|
3121
3206
|
#
|
3122
3207
|
# @!attribute [rw] revocation_configuration
|
3123
|
-
#
|
3208
|
+
# Contains information to enable Online Certificate Status Protocol
|
3209
|
+
# (OCSP) support, to enable a certificate revocation list (CRL), to
|
3210
|
+
# enable both, or to enable neither. If this parameter is not
|
3211
|
+
# supplied, existing capibilites remain unchanged. For more
|
3212
|
+
# information, see the [OcspConfiguration][1] and
|
3213
|
+
# [CrlConfiguration][2] types.
|
3214
|
+
#
|
3215
|
+
#
|
3216
|
+
#
|
3217
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_OcspConfiguration.html
|
3218
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CrlConfiguration.html
|
3124
3219
|
# @return [Types::RevocationConfiguration]
|
3125
3220
|
#
|
3126
3221
|
# @!attribute [rw] status
|
data/lib/aws-sdk-acmpca.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-acmpca
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.41.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-10-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.121.2
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.121.2
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|
@@ -77,7 +77,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
77
77
|
requirements:
|
78
78
|
- - ">="
|
79
79
|
- !ruby/object:Gem::Version
|
80
|
-
version: '
|
80
|
+
version: '2.3'
|
81
81
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
82
82
|
requirements:
|
83
83
|
- - ">="
|