aws-sdk-acmpca 1.45.0 → 1.48.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-acmpca/client.rb +136 -76
- data/lib/aws-sdk-acmpca/client_api.rb +21 -0
- data/lib/aws-sdk-acmpca/types.rb +265 -49
- data/lib/aws-sdk-acmpca.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 9d5e73b72e120fe6f31fdb18760aa8a128be5cc432116ce6084da30f9e8d3140
|
4
|
+
data.tar.gz: 85d9985fb896de12f98b252e9ed8608a056bd4dd98faf9b7f80530dc2e6049d4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a7f3210122e4e950a70270cdc69afa4f776e9ef3f73e5fbc7cb863d1e27910818bf909b461af3de8d3f574b9629d5c8d36563211e3d4f0f40f44ce053b71046d
|
7
|
+
data.tar.gz: 2d2e4e53f928df205f5c5624c502d17af55bf3c2d798ac821575380fb12dd59ece4369e7cff091183e2ebbc8bb271e3fb17ff92c74a6cbbce5d2bf12a343df57
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,21 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.48.0 (2022-03-28)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Updating service name entities
|
8
|
+
|
9
|
+
1.47.0 (2022-03-16)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - AWS Certificate Manager (ACM) Private Certificate Authority (CA) now supports customizable certificate subject names and extensions.
|
13
|
+
|
14
|
+
1.46.0 (2022-02-24)
|
15
|
+
------------------
|
16
|
+
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
18
|
+
|
4
19
|
1.45.0 (2022-02-03)
|
5
20
|
------------------
|
6
21
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.48.0
|
@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
|
27
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
28
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
29
29
|
require 'aws-sdk-core/plugins/http_checksum.rb'
|
30
|
+
require 'aws-sdk-core/plugins/checksum_algorithm.rb'
|
30
31
|
require 'aws-sdk-core/plugins/defaults_mode.rb'
|
31
32
|
require 'aws-sdk-core/plugins/recursion_detection.rb'
|
32
33
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
@@ -75,6 +76,7 @@ module Aws::ACMPCA
|
|
75
76
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
76
77
|
add_plugin(Aws::Plugins::TransferEncoding)
|
77
78
|
add_plugin(Aws::Plugins::HttpChecksum)
|
79
|
+
add_plugin(Aws::Plugins::ChecksumAlgorithm)
|
78
80
|
add_plugin(Aws::Plugins::DefaultsMode)
|
79
81
|
add_plugin(Aws::Plugins::RecursionDetection)
|
80
82
|
add_plugin(Aws::Plugins::SignatureV4)
|
@@ -380,14 +382,14 @@ module Aws::ACMPCA
|
|
380
382
|
# <note markdown="1"> Both PCA and the IAM principal must have permission to write to the S3
|
381
383
|
# bucket that you specify. If the IAM principal making the call does not
|
382
384
|
# have permission to write to the bucket, then an exception is thrown.
|
383
|
-
# For more information, see [
|
385
|
+
# For more information, see [Access policies for CRLs in Amazon S3][2].
|
384
386
|
#
|
385
387
|
# </note>
|
386
388
|
#
|
387
389
|
#
|
388
390
|
#
|
389
391
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaCreateCa.html#crl-encryption
|
390
|
-
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/
|
392
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/crl-planning.html#s3-policies
|
391
393
|
#
|
392
394
|
# @option params [required, Types::CertificateAuthorityConfiguration] :certificate_authority_configuration
|
393
395
|
# Name and bit size of the private key algorithm, the name of the
|
@@ -467,6 +469,12 @@ module Aws::ACMPCA
|
|
467
469
|
# initials: "String5",
|
468
470
|
# pseudonym: "String128",
|
469
471
|
# generation_qualifier: "String3",
|
472
|
+
# custom_attributes: [
|
473
|
+
# {
|
474
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
475
|
+
# value: "String1To256", # required
|
476
|
+
# },
|
477
|
+
# ],
|
470
478
|
# },
|
471
479
|
# csr_extensions: {
|
472
480
|
# key_usage: {
|
@@ -508,6 +516,12 @@ module Aws::ACMPCA
|
|
508
516
|
# initials: "String5",
|
509
517
|
# pseudonym: "String128",
|
510
518
|
# generation_qualifier: "String3",
|
519
|
+
# custom_attributes: [
|
520
|
+
# {
|
521
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
522
|
+
# value: "String1To256", # required
|
523
|
+
# },
|
524
|
+
# ],
|
511
525
|
# },
|
512
526
|
# edi_party_name: {
|
513
527
|
# party_name: "String256", # required
|
@@ -566,7 +580,7 @@ module Aws::ACMPCA
|
|
566
580
|
# <note markdown="1"> Both PCA and the IAM principal must have permission to write to the S3
|
567
581
|
# bucket that you specify. If the IAM principal making the call does not
|
568
582
|
# have permission to write to the bucket, then an exception is thrown.
|
569
|
-
# For more information, see [
|
583
|
+
# For more information, see [Access policies for CRLs in Amazon S3][3].
|
570
584
|
#
|
571
585
|
# </note>
|
572
586
|
#
|
@@ -574,11 +588,15 @@ module Aws::ACMPCA
|
|
574
588
|
# with encryption. For more information, see [Encrypting Your Audit
|
575
589
|
# Reports][4].
|
576
590
|
#
|
591
|
+
# <note markdown="1"> You can generate a maximum of one report every 30 minutes.
|
592
|
+
#
|
593
|
+
# </note>
|
594
|
+
#
|
577
595
|
#
|
578
596
|
#
|
579
597
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_IssueCertificate.html
|
580
598
|
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_RevokeCertificate.html
|
581
|
-
# [3]: https://docs.aws.amazon.com/acm-pca/latest/userguide/
|
599
|
+
# [3]: https://docs.aws.amazon.com/acm-pca/latest/userguide/crl-planning.html#s3-policies
|
582
600
|
# [4]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaAuditReport.html#audit-report-encryption
|
583
601
|
#
|
584
602
|
# @option params [required, String] :certificate_authority_arn
|
@@ -622,10 +640,10 @@ module Aws::ACMPCA
|
|
622
640
|
req.send_request(options)
|
623
641
|
end
|
624
642
|
|
625
|
-
# Grants one or more permissions on a private CA to the
|
643
|
+
# Grants one or more permissions on a private CA to the Certificate
|
626
644
|
# Manager (ACM) service principal (`acm.amazonaws.com`). These
|
627
645
|
# permissions allow ACM to issue and renew ACM certificates that reside
|
628
|
-
# in the same
|
646
|
+
# in the same Amazon Web Services account as the CA.
|
629
647
|
#
|
630
648
|
# You can list current permissions with the [ListPermissions][1] action
|
631
649
|
# and revoke them with the [DeletePermission][2] action.
|
@@ -666,15 +684,17 @@ module Aws::ACMPCA
|
|
666
684
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
667
685
|
#
|
668
686
|
# @option params [required, String] :principal
|
669
|
-
# The
|
670
|
-
# time, the only valid principal is
|
687
|
+
# The Amazon Web Services service or identity that receives the
|
688
|
+
# permission. At this time, the only valid principal is
|
689
|
+
# `acm.amazonaws.com`.
|
671
690
|
#
|
672
691
|
# @option params [String] :source_account
|
673
692
|
# The ID of the calling account.
|
674
693
|
#
|
675
694
|
# @option params [required, Array<String>] :actions
|
676
|
-
# The actions that the specified
|
677
|
-
# include `IssueCertificate`, `GetCertificate`, and
|
695
|
+
# The actions that the specified Amazon Web Services service principal
|
696
|
+
# can use. These include `IssueCertificate`, `GetCertificate`, and
|
697
|
+
# `ListPermissions`.
|
678
698
|
#
|
679
699
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
680
700
|
#
|
@@ -768,13 +788,13 @@ module Aws::ACMPCA
|
|
768
788
|
req.send_request(options)
|
769
789
|
end
|
770
790
|
|
771
|
-
# Revokes permissions on a private CA granted to the
|
772
|
-
#
|
791
|
+
# Revokes permissions on a private CA granted to the Certificate Manager
|
792
|
+
# (ACM) service principal (acm.amazonaws.com).
|
773
793
|
#
|
774
794
|
# These permissions allow ACM to issue and renew ACM certificates that
|
775
|
-
# reside in the same
|
776
|
-
# permissions, ACM will no longer renew the affected
|
777
|
-
# automatically.
|
795
|
+
# reside in the same Amazon Web Services account as the CA. If you
|
796
|
+
# revoke these permissions, ACM will no longer renew the affected
|
797
|
+
# certificates automatically.
|
778
798
|
#
|
779
799
|
# Permissions can be granted with the [CreatePermission][1] action and
|
780
800
|
# listed with the [ListPermissions][2] action.
|
@@ -816,11 +836,12 @@ module Aws::ACMPCA
|
|
816
836
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html
|
817
837
|
#
|
818
838
|
# @option params [required, String] :principal
|
819
|
-
# The
|
820
|
-
# At this time, the only valid service principal is
|
839
|
+
# The Amazon Web Services service or identity that will have its CA
|
840
|
+
# permissions revoked. At this time, the only valid service principal is
|
841
|
+
# `acm.amazonaws.com`
|
821
842
|
#
|
822
843
|
# @option params [String] :source_account
|
823
|
-
# The
|
844
|
+
# The Amazon Web Services account that calls this action.
|
824
845
|
#
|
825
846
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
826
847
|
#
|
@@ -845,25 +866,26 @@ module Aws::ACMPCA
|
|
845
866
|
# will remove any access that the policy has granted. If there is no
|
846
867
|
# policy attached to the private CA, this action will return successful.
|
847
868
|
#
|
848
|
-
# If you delete a policy that was applied through
|
849
|
-
# Manager (RAM), the CA will be removed from all shares
|
850
|
-
# included.
|
869
|
+
# If you delete a policy that was applied through Amazon Web Services
|
870
|
+
# Resource Access Manager (RAM), the CA will be removed from all shares
|
871
|
+
# in which it was included.
|
851
872
|
#
|
852
|
-
# The
|
853
|
-
#
|
873
|
+
# The Certificate Manager Service Linked Role that the policy supports
|
874
|
+
# is not affected when you delete the policy.
|
854
875
|
#
|
855
876
|
# The current policy can be shown with [GetPolicy][1] and updated with
|
856
877
|
# [PutPolicy][2].
|
857
878
|
#
|
858
879
|
# **About Policies**
|
859
880
|
#
|
860
|
-
# * A policy grants access on a private CA to an
|
861
|
-
# to
|
862
|
-
#
|
863
|
-
#
|
881
|
+
# * A policy grants access on a private CA to an Amazon Web Services
|
882
|
+
# customer account, to Amazon Web Services Organizations, or to an
|
883
|
+
# Amazon Web Services Organizations unit. Policies are under the
|
884
|
+
# control of a CA administrator. For more information, see [Using a
|
885
|
+
# Resource Based Policy with ACM Private CA][3].
|
864
886
|
#
|
865
|
-
# * A policy permits a user of
|
866
|
-
#
|
887
|
+
# * A policy permits a user of Certificate Manager (ACM) to issue ACM
|
888
|
+
# certificates signed by a CA in another account.
|
867
889
|
#
|
868
890
|
# * For ACM to manage automatic renewal of these certificates, the ACM
|
869
891
|
# user must configure a Service Linked Role (SLR). The SLR allows the
|
@@ -871,9 +893,9 @@ module Aws::ACMPCA
|
|
871
893
|
# confirmation against the ACM Private CA policy. For more
|
872
894
|
# information, see [Using a Service Linked Role with ACM][4].
|
873
895
|
#
|
874
|
-
# * Updates made in
|
875
|
-
# policies. For more information, see [Attach a Policy
|
876
|
-
# Cross-Account Access][5].
|
896
|
+
# * Updates made in Amazon Web Services Resource Manager (RAM) are
|
897
|
+
# reflected in policies. For more information, see [Attach a Policy
|
898
|
+
# for Cross-Account Access][5].
|
877
899
|
#
|
878
900
|
#
|
879
901
|
#
|
@@ -930,9 +952,9 @@ module Aws::ACMPCA
|
|
930
952
|
# * `EXPIRED` - Your private CA certificate has expired.
|
931
953
|
#
|
932
954
|
# * `FAILED` - Your private CA has failed. Your CA can fail because of
|
933
|
-
# problems such a network outage or back-end
|
934
|
-
# errors. A failed CA can never return to the pending
|
935
|
-
# create a new CA.
|
955
|
+
# problems such a network outage or back-end Amazon Web Services
|
956
|
+
# failure or other errors. A failed CA can never return to the pending
|
957
|
+
# state. You must create a new CA.
|
936
958
|
#
|
937
959
|
# * `DELETED` - Your private CA is within the restoration period, after
|
938
960
|
# which it is permanently deleted. The length of time remaining in the
|
@@ -987,6 +1009,9 @@ module Aws::ACMPCA
|
|
987
1009
|
# resp.certificate_authority.certificate_authority_configuration.subject.initials #=> String
|
988
1010
|
# resp.certificate_authority.certificate_authority_configuration.subject.pseudonym #=> String
|
989
1011
|
# resp.certificate_authority.certificate_authority_configuration.subject.generation_qualifier #=> String
|
1012
|
+
# resp.certificate_authority.certificate_authority_configuration.subject.custom_attributes #=> Array
|
1013
|
+
# resp.certificate_authority.certificate_authority_configuration.subject.custom_attributes[0].object_identifier #=> String
|
1014
|
+
# resp.certificate_authority.certificate_authority_configuration.subject.custom_attributes[0].value #=> String
|
990
1015
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.key_usage.digital_signature #=> Boolean
|
991
1016
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.key_usage.non_repudiation #=> Boolean
|
992
1017
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.key_usage.key_encipherment #=> Boolean
|
@@ -1017,6 +1042,9 @@ module Aws::ACMPCA
|
|
1017
1042
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.initials #=> String
|
1018
1043
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.pseudonym #=> String
|
1019
1044
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.generation_qualifier #=> String
|
1045
|
+
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.custom_attributes #=> Array
|
1046
|
+
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.custom_attributes[0].object_identifier #=> String
|
1047
|
+
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.custom_attributes[0].value #=> String
|
1020
1048
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.edi_party_name.party_name #=> String
|
1021
1049
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.edi_party_name.name_assigner #=> String
|
1022
1050
|
# resp.certificate_authority.certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.uniform_resource_identifier #=> String
|
@@ -1266,13 +1294,14 @@ module Aws::ACMPCA
|
|
1266
1294
|
#
|
1267
1295
|
# **About Policies**
|
1268
1296
|
#
|
1269
|
-
# * A policy grants access on a private CA to an
|
1270
|
-
# to
|
1271
|
-
#
|
1272
|
-
#
|
1297
|
+
# * A policy grants access on a private CA to an Amazon Web Services
|
1298
|
+
# customer account, to Amazon Web Services Organizations, or to an
|
1299
|
+
# Amazon Web Services Organizations unit. Policies are under the
|
1300
|
+
# control of a CA administrator. For more information, see [Using a
|
1301
|
+
# Resource Based Policy with ACM Private CA][3].
|
1273
1302
|
#
|
1274
|
-
# * A policy permits a user of
|
1275
|
-
#
|
1303
|
+
# * A policy permits a user of Certificate Manager (ACM) to issue ACM
|
1304
|
+
# certificates signed by a CA in another account.
|
1276
1305
|
#
|
1277
1306
|
# * For ACM to manage automatic renewal of these certificates, the ACM
|
1278
1307
|
# user must configure a Service Linked Role (SLR). The SLR allows the
|
@@ -1280,9 +1309,9 @@ module Aws::ACMPCA
|
|
1280
1309
|
# confirmation against the ACM Private CA policy. For more
|
1281
1310
|
# information, see [Using a Service Linked Role with ACM][4].
|
1282
1311
|
#
|
1283
|
-
# * Updates made in
|
1284
|
-
# policies. For more information, see [Attach a Policy
|
1285
|
-
# Cross-Account Access][5].
|
1312
|
+
# * Updates made in Amazon Web Services Resource Manager (RAM) are
|
1313
|
+
# reflected in policies. For more information, see [Attach a Policy
|
1314
|
+
# for Cross-Account Access][5].
|
1286
1315
|
#
|
1287
1316
|
#
|
1288
1317
|
#
|
@@ -1519,7 +1548,7 @@ module Aws::ACMPCA
|
|
1519
1548
|
# contains your X509 version 3 extensions.
|
1520
1549
|
#
|
1521
1550
|
# `openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey
|
1522
|
-
# rsa:2048 -days
|
1551
|
+
# rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out
|
1523
1552
|
# csr/test_cert_.csr`
|
1524
1553
|
#
|
1525
1554
|
# Note: A CSR must provide either a *subject name* or a *subject
|
@@ -1533,6 +1562,11 @@ module Aws::ACMPCA
|
|
1533
1562
|
# parameter used to sign a CSR in the `CreateCertificateAuthority`
|
1534
1563
|
# action.
|
1535
1564
|
#
|
1565
|
+
# <note markdown="1"> The specified signing algorithm family (RSA or ECDSA) much match the
|
1566
|
+
# algorithm family of the CA's secret key.
|
1567
|
+
#
|
1568
|
+
# </note>
|
1569
|
+
#
|
1536
1570
|
# @option params [String] :template_arn
|
1537
1571
|
# Specifies a custom configuration template to use when issuing a
|
1538
1572
|
# certificate. If this parameter is not provided, ACM Private CA
|
@@ -1573,7 +1607,7 @@ module Aws::ACMPCA
|
|
1573
1607
|
#
|
1574
1608
|
#
|
1575
1609
|
#
|
1576
|
-
# [1]: https://
|
1610
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
1577
1611
|
#
|
1578
1612
|
# @option params [Types::Validity] :validity_not_before
|
1579
1613
|
# Information describing the start of the validity period of the
|
@@ -1597,7 +1631,7 @@ module Aws::ACMPCA
|
|
1597
1631
|
#
|
1598
1632
|
#
|
1599
1633
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_Validity.html
|
1600
|
-
# [2]: https://
|
1634
|
+
# [2]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
1601
1635
|
#
|
1602
1636
|
# @option params [String] :idempotency_token
|
1603
1637
|
# Alphanumeric string that can be used to distinguish between calls to
|
@@ -1671,6 +1705,12 @@ module Aws::ACMPCA
|
|
1671
1705
|
# initials: "String5",
|
1672
1706
|
# pseudonym: "String128",
|
1673
1707
|
# generation_qualifier: "String3",
|
1708
|
+
# custom_attributes: [
|
1709
|
+
# {
|
1710
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1711
|
+
# value: "String1To256", # required
|
1712
|
+
# },
|
1713
|
+
# ],
|
1674
1714
|
# },
|
1675
1715
|
# edi_party_name: {
|
1676
1716
|
# party_name: "String256", # required
|
@@ -1681,6 +1721,13 @@ module Aws::ACMPCA
|
|
1681
1721
|
# registered_id: "CustomObjectIdentifier",
|
1682
1722
|
# },
|
1683
1723
|
# ],
|
1724
|
+
# custom_extensions: [
|
1725
|
+
# {
|
1726
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1727
|
+
# value: "Base64String1To4096", # required
|
1728
|
+
# critical: false,
|
1729
|
+
# },
|
1730
|
+
# ],
|
1684
1731
|
# },
|
1685
1732
|
# subject: {
|
1686
1733
|
# country: "CountryCodeString",
|
@@ -1697,6 +1744,12 @@ module Aws::ACMPCA
|
|
1697
1744
|
# initials: "String5",
|
1698
1745
|
# pseudonym: "String128",
|
1699
1746
|
# generation_qualifier: "String3",
|
1747
|
+
# custom_attributes: [
|
1748
|
+
# {
|
1749
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1750
|
+
# value: "String1To256", # required
|
1751
|
+
# },
|
1752
|
+
# ],
|
1700
1753
|
# },
|
1701
1754
|
# },
|
1702
1755
|
# certificate_authority_arn: "Arn", # required
|
@@ -1795,6 +1848,9 @@ module Aws::ACMPCA
|
|
1795
1848
|
# resp.certificate_authorities[0].certificate_authority_configuration.subject.initials #=> String
|
1796
1849
|
# resp.certificate_authorities[0].certificate_authority_configuration.subject.pseudonym #=> String
|
1797
1850
|
# resp.certificate_authorities[0].certificate_authority_configuration.subject.generation_qualifier #=> String
|
1851
|
+
# resp.certificate_authorities[0].certificate_authority_configuration.subject.custom_attributes #=> Array
|
1852
|
+
# resp.certificate_authorities[0].certificate_authority_configuration.subject.custom_attributes[0].object_identifier #=> String
|
1853
|
+
# resp.certificate_authorities[0].certificate_authority_configuration.subject.custom_attributes[0].value #=> String
|
1798
1854
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.key_usage.digital_signature #=> Boolean
|
1799
1855
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.key_usage.non_repudiation #=> Boolean
|
1800
1856
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.key_usage.key_encipherment #=> Boolean
|
@@ -1825,6 +1881,9 @@ module Aws::ACMPCA
|
|
1825
1881
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.initials #=> String
|
1826
1882
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.pseudonym #=> String
|
1827
1883
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.generation_qualifier #=> String
|
1884
|
+
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.custom_attributes #=> Array
|
1885
|
+
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.custom_attributes[0].object_identifier #=> String
|
1886
|
+
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.directory_name.custom_attributes[0].value #=> String
|
1828
1887
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.edi_party_name.party_name #=> String
|
1829
1888
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.edi_party_name.name_assigner #=> String
|
1830
1889
|
# resp.certificate_authorities[0].certificate_authority_configuration.csr_extensions.subject_information_access[0].access_location.uniform_resource_identifier #=> String
|
@@ -1850,11 +1909,11 @@ module Aws::ACMPCA
|
|
1850
1909
|
req.send_request(options)
|
1851
1910
|
end
|
1852
1911
|
|
1853
|
-
# List all permissions on a private CA, if any, granted to the
|
1912
|
+
# List all permissions on a private CA, if any, granted to the
|
1854
1913
|
# Certificate Manager (ACM) service principal (acm.amazonaws.com).
|
1855
1914
|
#
|
1856
1915
|
# These permissions allow ACM to issue and renew ACM certificates that
|
1857
|
-
# reside in the same
|
1916
|
+
# reside in the same Amazon Web Services account as the CA.
|
1858
1917
|
#
|
1859
1918
|
# Permissions can be granted with the [CreatePermission][1] action and
|
1860
1919
|
# revoked with the [DeletePermission][2] action.
|
@@ -2010,22 +2069,23 @@ module Aws::ACMPCA
|
|
2010
2069
|
|
2011
2070
|
# Attaches a resource-based policy to a private CA.
|
2012
2071
|
#
|
2013
|
-
# A policy can also be applied by sharing a private CA through
|
2014
|
-
# Resource Access Manager (RAM). For more information, see
|
2015
|
-
# Policy for Cross-Account Access][1].
|
2072
|
+
# A policy can also be applied by sharing a private CA through Amazon
|
2073
|
+
# Web Services Resource Access Manager (RAM). For more information, see
|
2074
|
+
# [Attach a Policy for Cross-Account Access][1].
|
2016
2075
|
#
|
2017
2076
|
# The policy can be displayed with [GetPolicy][2] and removed with
|
2018
2077
|
# [DeletePolicy][3].
|
2019
2078
|
#
|
2020
2079
|
# **About Policies**
|
2021
2080
|
#
|
2022
|
-
# * A policy grants access on a private CA to an
|
2023
|
-
# to
|
2024
|
-
#
|
2025
|
-
#
|
2081
|
+
# * A policy grants access on a private CA to an Amazon Web Services
|
2082
|
+
# customer account, to Amazon Web Services Organizations, or to an
|
2083
|
+
# Amazon Web Services Organizations unit. Policies are under the
|
2084
|
+
# control of a CA administrator. For more information, see [Using a
|
2085
|
+
# Resource Based Policy with ACM Private CA][4].
|
2026
2086
|
#
|
2027
|
-
# * A policy permits a user of
|
2028
|
-
#
|
2087
|
+
# * A policy permits a user of Certificate Manager (ACM) to issue ACM
|
2088
|
+
# certificates signed by a CA in another account.
|
2029
2089
|
#
|
2030
2090
|
# * For ACM to manage automatic renewal of these certificates, the ACM
|
2031
2091
|
# user must configure a Service Linked Role (SLR). The SLR allows the
|
@@ -2033,9 +2093,9 @@ module Aws::ACMPCA
|
|
2033
2093
|
# confirmation against the ACM Private CA policy. For more
|
2034
2094
|
# information, see [Using a Service Linked Role with ACM][5].
|
2035
2095
|
#
|
2036
|
-
# * Updates made in
|
2037
|
-
# policies. For more information, see [Attach a Policy
|
2038
|
-
# Cross-Account Access][1].
|
2096
|
+
# * Updates made in Amazon Web Services Resource Manager (RAM) are
|
2097
|
+
# reflected in policies. For more information, see [Attach a Policy
|
2098
|
+
# for Cross-Account Access][1].
|
2039
2099
|
#
|
2040
2100
|
#
|
2041
2101
|
#
|
@@ -2154,7 +2214,7 @@ module Aws::ACMPCA
|
|
2154
2214
|
# <note markdown="1"> Both PCA and the IAM principal must have permission to write to the S3
|
2155
2215
|
# bucket that you specify. If the IAM principal making the call does not
|
2156
2216
|
# have permission to write to the bucket, then an exception is thrown.
|
2157
|
-
# For more information, see [
|
2217
|
+
# For more information, see [Access policies for CRLs in Amazon S3][2].
|
2158
2218
|
#
|
2159
2219
|
# </note>
|
2160
2220
|
#
|
@@ -2168,7 +2228,7 @@ module Aws::ACMPCA
|
|
2168
2228
|
#
|
2169
2229
|
#
|
2170
2230
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaCloudWatch.html
|
2171
|
-
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/
|
2231
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/crl-planning.html#s3-policies
|
2172
2232
|
# [3]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html
|
2173
2233
|
#
|
2174
2234
|
# @option params [required, String] :certificate_authority_arn
|
@@ -2190,7 +2250,7 @@ module Aws::ACMPCA
|
|
2190
2250
|
# `openssl x509 -in file_path -text -noout`
|
2191
2251
|
#
|
2192
2252
|
# You can also copy the serial number from the console or use the
|
2193
|
-
# [DescribeCertificate][2] action in the *
|
2253
|
+
# [DescribeCertificate][2] action in the *Certificate Manager API
|
2194
2254
|
# Reference*.
|
2195
2255
|
#
|
2196
2256
|
#
|
@@ -2221,15 +2281,15 @@ module Aws::ACMPCA
|
|
2221
2281
|
end
|
2222
2282
|
|
2223
2283
|
# Adds one or more tags to your private CA. Tags are labels that you can
|
2224
|
-
# use to identify and organize your
|
2225
|
-
# a key and an optional value. You specify the private
|
2226
|
-
# its Amazon Resource Name (ARN). You specify the tag by
|
2227
|
-
# key-value pair. You can apply a tag to just one private CA if
|
2228
|
-
# to identify a specific characteristic of that CA, or you can
|
2229
|
-
# same tag to multiple private CAs if you want to filter for a
|
2230
|
-
# relationship among those CAs. To remove one or more tags, use
|
2231
|
-
# [UntagCertificateAuthority][1] action. Call the [ListTags][2]
|
2232
|
-
# to see what tags are associated with your CA.
|
2284
|
+
# use to identify and organize your Amazon Web Services resources. Each
|
2285
|
+
# tag consists of a key and an optional value. You specify the private
|
2286
|
+
# CA on input by its Amazon Resource Name (ARN). You specify the tag by
|
2287
|
+
# using a key-value pair. You can apply a tag to just one private CA if
|
2288
|
+
# you want to identify a specific characteristic of that CA, or you can
|
2289
|
+
# apply the same tag to multiple private CAs if you want to filter for a
|
2290
|
+
# common relationship among those CAs. To remove one or more tags, use
|
2291
|
+
# the [UntagCertificateAuthority][1] action. Call the [ListTags][2]
|
2292
|
+
# action to see what tags are associated with your CA.
|
2233
2293
|
#
|
2234
2294
|
#
|
2235
2295
|
#
|
@@ -2332,13 +2392,13 @@ module Aws::ACMPCA
|
|
2332
2392
|
# <note markdown="1"> Both PCA and the IAM principal must have permission to write to the S3
|
2333
2393
|
# bucket that you specify. If the IAM principal making the call does not
|
2334
2394
|
# have permission to write to the bucket, then an exception is thrown.
|
2335
|
-
# For more information, see [
|
2395
|
+
# For more information, see [Access policies for CRLs in Amazon S3][1].
|
2336
2396
|
#
|
2337
2397
|
# </note>
|
2338
2398
|
#
|
2339
2399
|
#
|
2340
2400
|
#
|
2341
|
-
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/
|
2401
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/crl-planning.html#s3-policies
|
2342
2402
|
#
|
2343
2403
|
# @option params [required, String] :certificate_authority_arn
|
2344
2404
|
# Amazon Resource Name (ARN) of the private CA that issued the
|
@@ -2406,7 +2466,7 @@ module Aws::ACMPCA
|
|
2406
2466
|
params: params,
|
2407
2467
|
config: config)
|
2408
2468
|
context[:gem_name] = 'aws-sdk-acmpca'
|
2409
|
-
context[:gem_version] = '1.
|
2469
|
+
context[:gem_version] = '1.48.0'
|
2410
2470
|
Seahorse::Client::Request.new(handlers, context)
|
2411
2471
|
end
|
2412
2472
|
|
@@ -28,6 +28,7 @@ module Aws::ACMPCA
|
|
28
28
|
AuditReportId = Shapes::StringShape.new(name: 'AuditReportId')
|
29
29
|
AuditReportResponseFormat = Shapes::StringShape.new(name: 'AuditReportResponseFormat')
|
30
30
|
AuditReportStatus = Shapes::StringShape.new(name: 'AuditReportStatus')
|
31
|
+
Base64String1To4096 = Shapes::StringShape.new(name: 'Base64String1To4096')
|
31
32
|
Boolean = Shapes::BooleanShape.new(name: 'Boolean')
|
32
33
|
CertificateAuthorities = Shapes::ListShape.new(name: 'CertificateAuthorities')
|
33
34
|
CertificateAuthority = Shapes::StructureShape.new(name: 'CertificateAuthority')
|
@@ -51,6 +52,10 @@ module Aws::ACMPCA
|
|
51
52
|
CsrBlob = Shapes::BlobShape.new(name: 'CsrBlob')
|
52
53
|
CsrBody = Shapes::StringShape.new(name: 'CsrBody')
|
53
54
|
CsrExtensions = Shapes::StructureShape.new(name: 'CsrExtensions')
|
55
|
+
CustomAttribute = Shapes::StructureShape.new(name: 'CustomAttribute')
|
56
|
+
CustomAttributeList = Shapes::ListShape.new(name: 'CustomAttributeList')
|
57
|
+
CustomExtension = Shapes::StructureShape.new(name: 'CustomExtension')
|
58
|
+
CustomExtensionList = Shapes::ListShape.new(name: 'CustomExtensionList')
|
54
59
|
CustomObjectIdentifier = Shapes::StringShape.new(name: 'CustomObjectIdentifier')
|
55
60
|
DeleteCertificateAuthorityRequest = Shapes::StructureShape.new(name: 'DeleteCertificateAuthorityRequest')
|
56
61
|
DeletePermissionRequest = Shapes::StructureShape.new(name: 'DeletePermissionRequest')
|
@@ -132,6 +137,7 @@ module Aws::ACMPCA
|
|
132
137
|
String = Shapes::StringShape.new(name: 'String')
|
133
138
|
String128 = Shapes::StringShape.new(name: 'String128')
|
134
139
|
String16 = Shapes::StringShape.new(name: 'String16')
|
140
|
+
String1To256 = Shapes::StringShape.new(name: 'String1To256')
|
135
141
|
String253 = Shapes::StringShape.new(name: 'String253')
|
136
142
|
String256 = Shapes::StringShape.new(name: 'String256')
|
137
143
|
String3 = Shapes::StringShape.new(name: 'String3')
|
@@ -166,6 +172,7 @@ module Aws::ACMPCA
|
|
166
172
|
ASN1Subject.add_member(:initials, Shapes::ShapeRef.new(shape: String5, location_name: "Initials"))
|
167
173
|
ASN1Subject.add_member(:pseudonym, Shapes::ShapeRef.new(shape: String128, location_name: "Pseudonym"))
|
168
174
|
ASN1Subject.add_member(:generation_qualifier, Shapes::ShapeRef.new(shape: String3, location_name: "GenerationQualifier"))
|
175
|
+
ASN1Subject.add_member(:custom_attributes, Shapes::ShapeRef.new(shape: CustomAttributeList, location_name: "CustomAttributes"))
|
169
176
|
ASN1Subject.struct_class = Types::ASN1Subject
|
170
177
|
|
171
178
|
AccessDescription.add_member(:access_method, Shapes::ShapeRef.new(shape: AccessMethod, required: true, location_name: "AccessMethod"))
|
@@ -253,6 +260,19 @@ module Aws::ACMPCA
|
|
253
260
|
CsrExtensions.add_member(:subject_information_access, Shapes::ShapeRef.new(shape: AccessDescriptionList, location_name: "SubjectInformationAccess"))
|
254
261
|
CsrExtensions.struct_class = Types::CsrExtensions
|
255
262
|
|
263
|
+
CustomAttribute.add_member(:object_identifier, Shapes::ShapeRef.new(shape: CustomObjectIdentifier, required: true, location_name: "ObjectIdentifier"))
|
264
|
+
CustomAttribute.add_member(:value, Shapes::ShapeRef.new(shape: String1To256, required: true, location_name: "Value"))
|
265
|
+
CustomAttribute.struct_class = Types::CustomAttribute
|
266
|
+
|
267
|
+
CustomAttributeList.member = Shapes::ShapeRef.new(shape: CustomAttribute)
|
268
|
+
|
269
|
+
CustomExtension.add_member(:object_identifier, Shapes::ShapeRef.new(shape: CustomObjectIdentifier, required: true, location_name: "ObjectIdentifier"))
|
270
|
+
CustomExtension.add_member(:value, Shapes::ShapeRef.new(shape: Base64String1To4096, required: true, location_name: "Value"))
|
271
|
+
CustomExtension.add_member(:critical, Shapes::ShapeRef.new(shape: Boolean, location_name: "Critical", metadata: {"box"=>true}))
|
272
|
+
CustomExtension.struct_class = Types::CustomExtension
|
273
|
+
|
274
|
+
CustomExtensionList.member = Shapes::ShapeRef.new(shape: CustomExtension)
|
275
|
+
|
256
276
|
DeleteCertificateAuthorityRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateAuthorityArn"))
|
257
277
|
DeleteCertificateAuthorityRequest.add_member(:permanent_deletion_time_in_days, Shapes::ShapeRef.new(shape: PermanentDeletionTimeInDays, location_name: "PermanentDeletionTimeInDays"))
|
258
278
|
DeleteCertificateAuthorityRequest.struct_class = Types::DeleteCertificateAuthorityRequest
|
@@ -295,6 +315,7 @@ module Aws::ACMPCA
|
|
295
315
|
Extensions.add_member(:extended_key_usage, Shapes::ShapeRef.new(shape: ExtendedKeyUsageList, location_name: "ExtendedKeyUsage"))
|
296
316
|
Extensions.add_member(:key_usage, Shapes::ShapeRef.new(shape: KeyUsage, location_name: "KeyUsage"))
|
297
317
|
Extensions.add_member(:subject_alternative_names, Shapes::ShapeRef.new(shape: GeneralNameList, location_name: "SubjectAlternativeNames"))
|
318
|
+
Extensions.add_member(:custom_extensions, Shapes::ShapeRef.new(shape: CustomExtensionList, location_name: "CustomExtensions"))
|
298
319
|
Extensions.struct_class = Types::Extensions
|
299
320
|
|
300
321
|
GeneralName.add_member(:other_name, Shapes::ShapeRef.new(shape: OtherName, location_name: "OtherName"))
|
data/lib/aws-sdk-acmpca/types.rb
CHANGED
@@ -35,6 +35,12 @@ module Aws::ACMPCA
|
|
35
35
|
# initials: "String5",
|
36
36
|
# pseudonym: "String128",
|
37
37
|
# generation_qualifier: "String3",
|
38
|
+
# custom_attributes: [
|
39
|
+
# {
|
40
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
41
|
+
# value: "String1To256", # required
|
42
|
+
# },
|
43
|
+
# ],
|
38
44
|
# }
|
39
45
|
#
|
40
46
|
# @!attribute [rw] country
|
@@ -110,6 +116,22 @@ module Aws::ACMPCA
|
|
110
116
|
# Examples include Jr. for junior, Sr. for senior, and III for third.
|
111
117
|
# @return [String]
|
112
118
|
#
|
119
|
+
# @!attribute [rw] custom_attributes
|
120
|
+
# Contains a sequence of one or more X.500 relative distinguished
|
121
|
+
# names (RDNs), each of which consists of an object identifier (OID)
|
122
|
+
# and a value. For more information, see NIST’s definition of [Object
|
123
|
+
# Identifier (OID)][1].
|
124
|
+
#
|
125
|
+
# <note markdown="1"> Custom attributes cannot be used in combination with standard
|
126
|
+
# attributes.
|
127
|
+
#
|
128
|
+
# </note>
|
129
|
+
#
|
130
|
+
#
|
131
|
+
#
|
132
|
+
# [1]: https://csrc.nist.gov/glossary/term/Object_Identifier
|
133
|
+
# @return [Array<Types::CustomAttribute>]
|
134
|
+
#
|
113
135
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/ASN1Subject AWS API Documentation
|
114
136
|
#
|
115
137
|
class ASN1Subject < Struct.new(
|
@@ -126,7 +148,8 @@ module Aws::ACMPCA
|
|
126
148
|
:given_name,
|
127
149
|
:initials,
|
128
150
|
:pseudonym,
|
129
|
-
:generation_qualifier
|
151
|
+
:generation_qualifier,
|
152
|
+
:custom_attributes)
|
130
153
|
SENSITIVE = []
|
131
154
|
include Aws::Structure
|
132
155
|
end
|
@@ -136,7 +159,7 @@ module Aws::ACMPCA
|
|
136
159
|
#
|
137
160
|
#
|
138
161
|
#
|
139
|
-
# [1]: https://
|
162
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280
|
140
163
|
#
|
141
164
|
# @note When making an API call, you may pass AccessDescription
|
142
165
|
# data as a hash:
|
@@ -168,6 +191,12 @@ module Aws::ACMPCA
|
|
168
191
|
# initials: "String5",
|
169
192
|
# pseudonym: "String128",
|
170
193
|
# generation_qualifier: "String3",
|
194
|
+
# custom_attributes: [
|
195
|
+
# {
|
196
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
197
|
+
# value: "String1To256", # required
|
198
|
+
# },
|
199
|
+
# ],
|
171
200
|
# },
|
172
201
|
# edi_party_name: {
|
173
202
|
# party_name: "String256", # required
|
@@ -301,6 +330,12 @@ module Aws::ACMPCA
|
|
301
330
|
# initials: "String5",
|
302
331
|
# pseudonym: "String128",
|
303
332
|
# generation_qualifier: "String3",
|
333
|
+
# custom_attributes: [
|
334
|
+
# {
|
335
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
336
|
+
# value: "String1To256", # required
|
337
|
+
# },
|
338
|
+
# ],
|
304
339
|
# },
|
305
340
|
# edi_party_name: {
|
306
341
|
# party_name: "String256", # required
|
@@ -311,6 +346,13 @@ module Aws::ACMPCA
|
|
311
346
|
# registered_id: "CustomObjectIdentifier",
|
312
347
|
# },
|
313
348
|
# ],
|
349
|
+
# custom_extensions: [
|
350
|
+
# {
|
351
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
352
|
+
# value: "Base64String1To4096", # required
|
353
|
+
# critical: false,
|
354
|
+
# },
|
355
|
+
# ],
|
314
356
|
# },
|
315
357
|
# subject: {
|
316
358
|
# country: "CountryCodeString",
|
@@ -327,6 +369,12 @@ module Aws::ACMPCA
|
|
327
369
|
# initials: "String5",
|
328
370
|
# pseudonym: "String128",
|
329
371
|
# generation_qualifier: "String3",
|
372
|
+
# custom_attributes: [
|
373
|
+
# {
|
374
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
375
|
+
# value: "String1To256", # required
|
376
|
+
# },
|
377
|
+
# ],
|
330
378
|
# },
|
331
379
|
# }
|
332
380
|
#
|
@@ -363,7 +411,7 @@ module Aws::ACMPCA
|
|
363
411
|
# retrieve a private CA certificate signing request (CSR). Sign the CSR
|
364
412
|
# with your ACM Private CA-hosted or on-premises root or subordinate CA
|
365
413
|
# certificate. Call the [ImportCertificateAuthorityCertificate][3]
|
366
|
-
# action to import the signed certificate into
|
414
|
+
# action to import the signed certificate into Certificate Manager
|
367
415
|
# (ACM).
|
368
416
|
#
|
369
417
|
#
|
@@ -378,7 +426,8 @@ module Aws::ACMPCA
|
|
378
426
|
# @return [String]
|
379
427
|
#
|
380
428
|
# @!attribute [rw] owner_account
|
381
|
-
# The
|
429
|
+
# The Amazon Web Services account ID that owns the certificate
|
430
|
+
# authority.
|
382
431
|
# @return [String]
|
383
432
|
#
|
384
433
|
# @!attribute [rw] created_at
|
@@ -439,7 +488,7 @@ module Aws::ACMPCA
|
|
439
488
|
#
|
440
489
|
# Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
|
441
490
|
#
|
442
|
-
# Note:
|
491
|
+
# Note: Amazon Web Services Region ap-northeast-3 supports only
|
443
492
|
# FIPS\_140\_2\_LEVEL\_2\_OR\_HIGHER. You must explicitly specify this
|
444
493
|
# parameter and value when creating a CA in that Region. Specifying a
|
445
494
|
# different value (or no value) results in an `InvalidArgsException`
|
@@ -501,6 +550,12 @@ module Aws::ACMPCA
|
|
501
550
|
# initials: "String5",
|
502
551
|
# pseudonym: "String128",
|
503
552
|
# generation_qualifier: "String3",
|
553
|
+
# custom_attributes: [
|
554
|
+
# {
|
555
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
556
|
+
# value: "String1To256", # required
|
557
|
+
# },
|
558
|
+
# ],
|
504
559
|
# },
|
505
560
|
# csr_extensions: {
|
506
561
|
# key_usage: {
|
@@ -542,6 +597,12 @@ module Aws::ACMPCA
|
|
542
597
|
# initials: "String5",
|
543
598
|
# pseudonym: "String128",
|
544
599
|
# generation_qualifier: "String3",
|
600
|
+
# custom_attributes: [
|
601
|
+
# {
|
602
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
603
|
+
# value: "String1To256", # required
|
604
|
+
# },
|
605
|
+
# ],
|
545
606
|
# },
|
546
607
|
# edi_party_name: {
|
547
608
|
# party_name: "String256", # required
|
@@ -695,6 +756,12 @@ module Aws::ACMPCA
|
|
695
756
|
# initials: "String5",
|
696
757
|
# pseudonym: "String128",
|
697
758
|
# generation_qualifier: "String3",
|
759
|
+
# custom_attributes: [
|
760
|
+
# {
|
761
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
762
|
+
# value: "String1To256", # required
|
763
|
+
# },
|
764
|
+
# ],
|
698
765
|
# },
|
699
766
|
# csr_extensions: {
|
700
767
|
# key_usage: {
|
@@ -736,6 +803,12 @@ module Aws::ACMPCA
|
|
736
803
|
# initials: "String5",
|
737
804
|
# pseudonym: "String128",
|
738
805
|
# generation_qualifier: "String3",
|
806
|
+
# custom_attributes: [
|
807
|
+
# {
|
808
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
809
|
+
# value: "String1To256", # required
|
810
|
+
# },
|
811
|
+
# ],
|
739
812
|
# },
|
740
813
|
# edi_party_name: {
|
741
814
|
# party_name: "String256", # required
|
@@ -888,8 +961,9 @@ module Aws::ACMPCA
|
|
888
961
|
# @return [String]
|
889
962
|
#
|
890
963
|
# @!attribute [rw] principal
|
891
|
-
# The
|
892
|
-
# time, the only valid principal is
|
964
|
+
# The Amazon Web Services service or identity that receives the
|
965
|
+
# permission. At this time, the only valid principal is
|
966
|
+
# `acm.amazonaws.com`.
|
893
967
|
# @return [String]
|
894
968
|
#
|
895
969
|
# @!attribute [rw] source_account
|
@@ -897,8 +971,9 @@ module Aws::ACMPCA
|
|
897
971
|
# @return [String]
|
898
972
|
#
|
899
973
|
# @!attribute [rw] actions
|
900
|
-
# The actions that the specified
|
901
|
-
# include `IssueCertificate`, `GetCertificate`, and
|
974
|
+
# The actions that the specified Amazon Web Services service principal
|
975
|
+
# can use. These include `IssueCertificate`, `GetCertificate`, and
|
976
|
+
# `ListPermissions`.
|
902
977
|
# @return [Array<String>]
|
903
978
|
#
|
904
979
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CreatePermissionRequest AWS API Documentation
|
@@ -928,10 +1003,10 @@ module Aws::ACMPCA
|
|
928
1003
|
#
|
929
1004
|
# Your private CA uses the value in the **ExpirationInDays** parameter
|
930
1005
|
# to calculate the **nextUpdate** field in the CRL. The CRL is refreshed
|
931
|
-
#
|
932
|
-
# certificate is revoked, it
|
933
|
-
#
|
934
|
-
#
|
1006
|
+
# prior to a certificate's expiration date or when a certificate is
|
1007
|
+
# revoked. When a certificate is revoked, it appears in the CRL until
|
1008
|
+
# the certificate expires, and then in one additional CRL after
|
1009
|
+
# expiration, and it always appears in the audit report.
|
935
1010
|
#
|
936
1011
|
# A CRL is typically updated approximately 30 minutes after a
|
937
1012
|
# certificate is revoked. If for any reason a CRL update fails, ACM
|
@@ -985,8 +1060,8 @@ module Aws::ACMPCA
|
|
985
1060
|
# `openssl crl -inform DER -text -in crl_path -noout`
|
986
1061
|
#
|
987
1062
|
# For more information, see [Planning a certificate revocation list
|
988
|
-
# (CRL)][2] in the *
|
989
|
-
#
|
1063
|
+
# (CRL)][2] in the *Certificate Manager Private Certificate Authority
|
1064
|
+
# (PCA) User Guide*
|
990
1065
|
#
|
991
1066
|
#
|
992
1067
|
#
|
@@ -1127,6 +1202,12 @@ module Aws::ACMPCA
|
|
1127
1202
|
# initials: "String5",
|
1128
1203
|
# pseudonym: "String128",
|
1129
1204
|
# generation_qualifier: "String3",
|
1205
|
+
# custom_attributes: [
|
1206
|
+
# {
|
1207
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1208
|
+
# value: "String1To256", # required
|
1209
|
+
# },
|
1210
|
+
# ],
|
1130
1211
|
# },
|
1131
1212
|
# edi_party_name: {
|
1132
1213
|
# party_name: "String256", # required
|
@@ -1152,7 +1233,7 @@ module Aws::ACMPCA
|
|
1152
1233
|
#
|
1153
1234
|
#
|
1154
1235
|
#
|
1155
|
-
# [1]: https://
|
1236
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2
|
1156
1237
|
# @return [Array<Types::AccessDescription>]
|
1157
1238
|
#
|
1158
1239
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CsrExtensions AWS API Documentation
|
@@ -1164,6 +1245,79 @@ module Aws::ACMPCA
|
|
1164
1245
|
include Aws::Structure
|
1165
1246
|
end
|
1166
1247
|
|
1248
|
+
# Defines the X.500 relative distinguished name (RDN).
|
1249
|
+
#
|
1250
|
+
# @note When making an API call, you may pass CustomAttribute
|
1251
|
+
# data as a hash:
|
1252
|
+
#
|
1253
|
+
# {
|
1254
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1255
|
+
# value: "String1To256", # required
|
1256
|
+
# }
|
1257
|
+
#
|
1258
|
+
# @!attribute [rw] object_identifier
|
1259
|
+
# Specifies the object identifier (OID) of the attribute type of the
|
1260
|
+
# relative distinguished name (RDN).
|
1261
|
+
# @return [String]
|
1262
|
+
#
|
1263
|
+
# @!attribute [rw] value
|
1264
|
+
# Specifies the attribute value of relative distinguished name (RDN).
|
1265
|
+
# @return [String]
|
1266
|
+
#
|
1267
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CustomAttribute AWS API Documentation
|
1268
|
+
#
|
1269
|
+
class CustomAttribute < Struct.new(
|
1270
|
+
:object_identifier,
|
1271
|
+
:value)
|
1272
|
+
SENSITIVE = []
|
1273
|
+
include Aws::Structure
|
1274
|
+
end
|
1275
|
+
|
1276
|
+
# Specifies the X.509 extension information for a certificate.
|
1277
|
+
#
|
1278
|
+
# Extensions present in `CustomExtensions` follow the `ApiPassthrough`
|
1279
|
+
# [template rules][1].
|
1280
|
+
#
|
1281
|
+
#
|
1282
|
+
#
|
1283
|
+
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html#template-order-of-operations
|
1284
|
+
#
|
1285
|
+
# @note When making an API call, you may pass CustomExtension
|
1286
|
+
# data as a hash:
|
1287
|
+
#
|
1288
|
+
# {
|
1289
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1290
|
+
# value: "Base64String1To4096", # required
|
1291
|
+
# critical: false,
|
1292
|
+
# }
|
1293
|
+
#
|
1294
|
+
# @!attribute [rw] object_identifier
|
1295
|
+
# Specifies the object identifier (OID) of the X.509 extension. For
|
1296
|
+
# more information, see the [Global OID reference database.][1]
|
1297
|
+
#
|
1298
|
+
#
|
1299
|
+
#
|
1300
|
+
# [1]: https://oidref.com/2.5.29
|
1301
|
+
# @return [String]
|
1302
|
+
#
|
1303
|
+
# @!attribute [rw] value
|
1304
|
+
# Specifies the base64-encoded value of the X.509 extension.
|
1305
|
+
# @return [String]
|
1306
|
+
#
|
1307
|
+
# @!attribute [rw] critical
|
1308
|
+
# Specifies the critical flag of the X.509 extension.
|
1309
|
+
# @return [Boolean]
|
1310
|
+
#
|
1311
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CustomExtension AWS API Documentation
|
1312
|
+
#
|
1313
|
+
class CustomExtension < Struct.new(
|
1314
|
+
:object_identifier,
|
1315
|
+
:value,
|
1316
|
+
:critical)
|
1317
|
+
SENSITIVE = []
|
1318
|
+
include Aws::Structure
|
1319
|
+
end
|
1320
|
+
|
1167
1321
|
# @note When making an API call, you may pass DeleteCertificateAuthorityRequest
|
1168
1322
|
# data as a hash:
|
1169
1323
|
#
|
@@ -1223,13 +1377,13 @@ module Aws::ACMPCA
|
|
1223
1377
|
# @return [String]
|
1224
1378
|
#
|
1225
1379
|
# @!attribute [rw] principal
|
1226
|
-
# The
|
1227
|
-
# revoked. At this time, the only valid service principal
|
1228
|
-
# `acm.amazonaws.com`
|
1380
|
+
# The Amazon Web Services service or identity that will have its CA
|
1381
|
+
# permissions revoked. At this time, the only valid service principal
|
1382
|
+
# is `acm.amazonaws.com`
|
1229
1383
|
# @return [String]
|
1230
1384
|
#
|
1231
1385
|
# @!attribute [rw] source_account
|
1232
|
-
# The
|
1386
|
+
# The Amazon Web Services account that calls this action.
|
1233
1387
|
# @return [String]
|
1234
1388
|
#
|
1235
1389
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DeletePermissionRequest AWS API Documentation
|
@@ -1381,7 +1535,7 @@ module Aws::ACMPCA
|
|
1381
1535
|
#
|
1382
1536
|
#
|
1383
1537
|
#
|
1384
|
-
# [1]: https://
|
1538
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280
|
1385
1539
|
#
|
1386
1540
|
# @note When making an API call, you may pass EdiPartyName
|
1387
1541
|
# data as a hash:
|
@@ -1426,7 +1580,7 @@ module Aws::ACMPCA
|
|
1426
1580
|
#
|
1427
1581
|
#
|
1428
1582
|
#
|
1429
|
-
# [1]: https://
|
1583
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12
|
1430
1584
|
# @return [String]
|
1431
1585
|
#
|
1432
1586
|
# @!attribute [rw] extended_key_usage_object_identifier
|
@@ -1502,6 +1656,12 @@ module Aws::ACMPCA
|
|
1502
1656
|
# initials: "String5",
|
1503
1657
|
# pseudonym: "String128",
|
1504
1658
|
# generation_qualifier: "String3",
|
1659
|
+
# custom_attributes: [
|
1660
|
+
# {
|
1661
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1662
|
+
# value: "String1To256", # required
|
1663
|
+
# },
|
1664
|
+
# ],
|
1505
1665
|
# },
|
1506
1666
|
# edi_party_name: {
|
1507
1667
|
# party_name: "String256", # required
|
@@ -1512,6 +1672,13 @@ module Aws::ACMPCA
|
|
1512
1672
|
# registered_id: "CustomObjectIdentifier",
|
1513
1673
|
# },
|
1514
1674
|
# ],
|
1675
|
+
# custom_extensions: [
|
1676
|
+
# {
|
1677
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1678
|
+
# value: "Base64String1To4096", # required
|
1679
|
+
# critical: false,
|
1680
|
+
# },
|
1681
|
+
# ],
|
1515
1682
|
# }
|
1516
1683
|
#
|
1517
1684
|
# @!attribute [rw] certificate_policies
|
@@ -1548,13 +1715,31 @@ module Aws::ACMPCA
|
|
1548
1715
|
# the certificate.
|
1549
1716
|
# @return [Array<Types::GeneralName>]
|
1550
1717
|
#
|
1718
|
+
# @!attribute [rw] custom_extensions
|
1719
|
+
# Contains a sequence of one or more X.509 extensions, each of which
|
1720
|
+
# consists of an object identifier (OID), a base64-encoded value, and
|
1721
|
+
# the critical flag. For more information, see the [Global OID
|
1722
|
+
# reference database.][1]
|
1723
|
+
#
|
1724
|
+
# <note markdown="1"> The OID value of a [CustomExtension][2] must not match the OID of a
|
1725
|
+
# predefined extension.
|
1726
|
+
#
|
1727
|
+
# </note>
|
1728
|
+
#
|
1729
|
+
#
|
1730
|
+
#
|
1731
|
+
# [1]: https://oidref.com/2.5.29
|
1732
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CustomExtension.html
|
1733
|
+
# @return [Array<Types::CustomExtension>]
|
1734
|
+
#
|
1551
1735
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/Extensions AWS API Documentation
|
1552
1736
|
#
|
1553
1737
|
class Extensions < Struct.new(
|
1554
1738
|
:certificate_policies,
|
1555
1739
|
:extended_key_usage,
|
1556
1740
|
:key_usage,
|
1557
|
-
:subject_alternative_names
|
1741
|
+
:subject_alternative_names,
|
1742
|
+
:custom_extensions)
|
1558
1743
|
SENSITIVE = []
|
1559
1744
|
include Aws::Structure
|
1560
1745
|
end
|
@@ -1565,7 +1750,7 @@ module Aws::ACMPCA
|
|
1565
1750
|
#
|
1566
1751
|
#
|
1567
1752
|
#
|
1568
|
-
# [1]: https://
|
1753
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280
|
1569
1754
|
#
|
1570
1755
|
# @note When making an API call, you may pass GeneralName
|
1571
1756
|
# data as a hash:
|
@@ -1592,6 +1777,12 @@ module Aws::ACMPCA
|
|
1592
1777
|
# initials: "String5",
|
1593
1778
|
# pseudonym: "String128",
|
1594
1779
|
# generation_qualifier: "String3",
|
1780
|
+
# custom_attributes: [
|
1781
|
+
# {
|
1782
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
1783
|
+
# value: "String1To256", # required
|
1784
|
+
# },
|
1785
|
+
# ],
|
1595
1786
|
# },
|
1596
1787
|
# edi_party_name: {
|
1597
1788
|
# party_name: "String256", # required
|
@@ -1611,7 +1802,7 @@ module Aws::ACMPCA
|
|
1611
1802
|
#
|
1612
1803
|
#
|
1613
1804
|
#
|
1614
|
-
# [1]: https://
|
1805
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc822
|
1615
1806
|
# @return [String]
|
1616
1807
|
#
|
1617
1808
|
# @!attribute [rw] dns_name
|
@@ -2043,6 +2234,12 @@ module Aws::ACMPCA
|
|
2043
2234
|
# initials: "String5",
|
2044
2235
|
# pseudonym: "String128",
|
2045
2236
|
# generation_qualifier: "String3",
|
2237
|
+
# custom_attributes: [
|
2238
|
+
# {
|
2239
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
2240
|
+
# value: "String1To256", # required
|
2241
|
+
# },
|
2242
|
+
# ],
|
2046
2243
|
# },
|
2047
2244
|
# edi_party_name: {
|
2048
2245
|
# party_name: "String256", # required
|
@@ -2053,6 +2250,13 @@ module Aws::ACMPCA
|
|
2053
2250
|
# registered_id: "CustomObjectIdentifier",
|
2054
2251
|
# },
|
2055
2252
|
# ],
|
2253
|
+
# custom_extensions: [
|
2254
|
+
# {
|
2255
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
2256
|
+
# value: "Base64String1To4096", # required
|
2257
|
+
# critical: false,
|
2258
|
+
# },
|
2259
|
+
# ],
|
2056
2260
|
# },
|
2057
2261
|
# subject: {
|
2058
2262
|
# country: "CountryCodeString",
|
@@ -2069,6 +2273,12 @@ module Aws::ACMPCA
|
|
2069
2273
|
# initials: "String5",
|
2070
2274
|
# pseudonym: "String128",
|
2071
2275
|
# generation_qualifier: "String3",
|
2276
|
+
# custom_attributes: [
|
2277
|
+
# {
|
2278
|
+
# object_identifier: "CustomObjectIdentifier", # required
|
2279
|
+
# value: "String1To256", # required
|
2280
|
+
# },
|
2281
|
+
# ],
|
2072
2282
|
# },
|
2073
2283
|
# },
|
2074
2284
|
# certificate_authority_arn: "Arn", # required
|
@@ -2128,7 +2338,7 @@ module Aws::ACMPCA
|
|
2128
2338
|
# contains your X509 version 3 extensions.
|
2129
2339
|
#
|
2130
2340
|
# `openssl req -new -config openssl_rsa.cnf -extensions usr_cert
|
2131
|
-
# -newkey rsa:2048 -days
|
2341
|
+
# -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem
|
2132
2342
|
# -out csr/test_cert_.csr`
|
2133
2343
|
#
|
2134
2344
|
# Note: A CSR must provide either a *subject name* or a *subject
|
@@ -2142,6 +2352,11 @@ module Aws::ACMPCA
|
|
2142
2352
|
# This parameter should not be confused with the `SigningAlgorithm`
|
2143
2353
|
# parameter used to sign a CSR in the `CreateCertificateAuthority`
|
2144
2354
|
# action.
|
2355
|
+
#
|
2356
|
+
# <note markdown="1"> The specified signing algorithm family (RSA or ECDSA) much match the
|
2357
|
+
# algorithm family of the CA's secret key.
|
2358
|
+
#
|
2359
|
+
# </note>
|
2145
2360
|
# @return [String]
|
2146
2361
|
#
|
2147
2362
|
# @!attribute [rw] template_arn
|
@@ -2185,7 +2400,7 @@ module Aws::ACMPCA
|
|
2185
2400
|
#
|
2186
2401
|
#
|
2187
2402
|
#
|
2188
|
-
# [1]: https://
|
2403
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
2189
2404
|
# @return [Types::Validity]
|
2190
2405
|
#
|
2191
2406
|
# @!attribute [rw] validity_not_before
|
@@ -2210,7 +2425,7 @@ module Aws::ACMPCA
|
|
2210
2425
|
#
|
2211
2426
|
#
|
2212
2427
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_Validity.html
|
2213
|
-
# [2]: https://
|
2428
|
+
# [2]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
2214
2429
|
# @return [Types::Validity]
|
2215
2430
|
#
|
2216
2431
|
# @!attribute [rw] idempotency_token
|
@@ -2588,17 +2803,17 @@ module Aws::ACMPCA
|
|
2588
2803
|
# @return [Boolean]
|
2589
2804
|
#
|
2590
2805
|
# @!attribute [rw] ocsp_custom_cname
|
2591
|
-
# By default, ACM Private CA injects an
|
2592
|
-
# being validated by the Online Certificate Status
|
2593
|
-
# customer can alternatively use this object to
|
2594
|
-
# specifying a customized OCSP domain.
|
2806
|
+
# By default, ACM Private CA injects an Amazon Web Services domain
|
2807
|
+
# into certificates being validated by the Online Certificate Status
|
2808
|
+
# Protocol (OCSP). A customer can alternatively use this object to
|
2809
|
+
# define a CNAME specifying a customized OCSP domain.
|
2595
2810
|
#
|
2596
2811
|
# Note: The value of the CNAME must not include a protocol prefix such
|
2597
2812
|
# as "http://" or "https://".
|
2598
2813
|
#
|
2599
2814
|
# For more information, see [Customizing Online Certificate Status
|
2600
|
-
# Protocol (OCSP) ][1] in the *
|
2601
|
-
#
|
2815
|
+
# Protocol (OCSP) ][1] in the *Certificate Manager Private Certificate
|
2816
|
+
# Authority (PCA) User Guide*.
|
2602
2817
|
#
|
2603
2818
|
#
|
2604
2819
|
#
|
@@ -2649,12 +2864,13 @@ module Aws::ACMPCA
|
|
2649
2864
|
end
|
2650
2865
|
|
2651
2866
|
# Permissions designate which private CA actions can be performed by an
|
2652
|
-
#
|
2653
|
-
# certificates, you must give the ACM
|
2654
|
-
# permissions (`IssueCertificate`,
|
2655
|
-
# `ListPermissions`). Permissions can be assigned
|
2656
|
-
# [CreatePermission][1] action, removed with the
|
2657
|
-
# action, and listed with the [ListPermissions][3]
|
2867
|
+
# Amazon Web Services service or entity. In order for ACM to
|
2868
|
+
# automatically renew private certificates, you must give the ACM
|
2869
|
+
# service principal all available permissions (`IssueCertificate`,
|
2870
|
+
# `GetCertificate`, and `ListPermissions`). Permissions can be assigned
|
2871
|
+
# with the [CreatePermission][1] action, removed with the
|
2872
|
+
# [DeletePermission][2] action, and listed with the [ListPermissions][3]
|
2873
|
+
# action.
|
2658
2874
|
#
|
2659
2875
|
#
|
2660
2876
|
#
|
@@ -2672,8 +2888,8 @@ module Aws::ACMPCA
|
|
2672
2888
|
# @return [Time]
|
2673
2889
|
#
|
2674
2890
|
# @!attribute [rw] principal
|
2675
|
-
# The
|
2676
|
-
# the only valid principal is `acm.amazonaws.com`.
|
2891
|
+
# The Amazon Web Services service or entity that holds the permission.
|
2892
|
+
# At this time, the only valid principal is `acm.amazonaws.com`.
|
2677
2893
|
# @return [String]
|
2678
2894
|
#
|
2679
2895
|
# @!attribute [rw] source_account
|
@@ -2681,8 +2897,8 @@ module Aws::ACMPCA
|
|
2681
2897
|
# @return [String]
|
2682
2898
|
#
|
2683
2899
|
# @!attribute [rw] actions
|
2684
|
-
# The private CA actions that can be performed by the designated
|
2685
|
-
# service.
|
2900
|
+
# The private CA actions that can be performed by the designated
|
2901
|
+
# Amazon Web Services service.
|
2686
2902
|
# @return [Array<String>]
|
2687
2903
|
#
|
2688
2904
|
# @!attribute [rw] policy
|
@@ -2836,7 +3052,7 @@ module Aws::ACMPCA
|
|
2836
3052
|
#
|
2837
3053
|
#
|
2838
3054
|
#
|
2839
|
-
# [1]: https://
|
3055
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4
|
2840
3056
|
#
|
2841
3057
|
# @note When making an API call, you may pass Qualifier
|
2842
3058
|
# data as a hash:
|
@@ -2946,8 +3162,8 @@ module Aws::ACMPCA
|
|
2946
3162
|
# about certificates as requested by clients, and a CRL contains an
|
2947
3163
|
# updated list of certificates revoked by your CA. For more information,
|
2948
3164
|
# see [RevokeCertificate][3] and [Setting up a certificate revocation
|
2949
|
-
# method][4] in the *
|
2950
|
-
#
|
3165
|
+
# method][4] in the *Certificate Manager Private Certificate Authority
|
3166
|
+
# (PCA) User Guide*.
|
2951
3167
|
#
|
2952
3168
|
#
|
2953
3169
|
#
|
@@ -3026,7 +3242,7 @@ module Aws::ACMPCA
|
|
3026
3242
|
# `openssl x509 -in file_path -text -noout`
|
3027
3243
|
#
|
3028
3244
|
# You can also copy the serial number from the console or use the
|
3029
|
-
# [DescribeCertificate][2] action in the *
|
3245
|
+
# [DescribeCertificate][2] action in the *Certificate Manager API
|
3030
3246
|
# Reference*.
|
3031
3247
|
#
|
3032
3248
|
#
|
@@ -3247,7 +3463,7 @@ module Aws::ACMPCA
|
|
3247
3463
|
#
|
3248
3464
|
#
|
3249
3465
|
#
|
3250
|
-
# [1]: https://
|
3466
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
3251
3467
|
#
|
3252
3468
|
# @note When making an API call, you may pass Validity
|
3253
3469
|
# data as a hash:
|
data/lib/aws-sdk-acmpca.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-acmpca
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.48.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-03-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -19,7 +19,7 @@ dependencies:
|
|
19
19
|
version: '3'
|
20
20
|
- - ">="
|
21
21
|
- !ruby/object:Gem::Version
|
22
|
-
version: 3.
|
22
|
+
version: 3.127.0
|
23
23
|
type: :runtime
|
24
24
|
prerelease: false
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -29,7 +29,7 @@ dependencies:
|
|
29
29
|
version: '3'
|
30
30
|
- - ">="
|
31
31
|
- !ruby/object:Gem::Version
|
32
|
-
version: 3.
|
32
|
+
version: 3.127.0
|
33
33
|
- !ruby/object:Gem::Dependency
|
34
34
|
name: aws-sigv4
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|