aws-sdk-acmpca 1.48.0 → 1.50.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9d5e73b72e120fe6f31fdb18760aa8a128be5cc432116ce6084da30f9e8d3140
-  data.tar.gz: 85d9985fb896de12f98b252e9ed8608a056bd4dd98faf9b7f80530dc2e6049d4
+  metadata.gz: 05e21752805d796c4ee23b5fe338fa0cf6a93ba097d5627ae0b4d51a65601726
+  data.tar.gz: 967715dbdf0a69e677a5575b759f68b6b202d9370570f67dfce0e86ddfcd3c3e
 SHA512:
-  metadata.gz: a7f3210122e4e950a70270cdc69afa4f776e9ef3f73e5fbc7cb863d1e27910818bf909b461af3de8d3f574b9629d5c8d36563211e3d4f0f40f44ce053b71046d
-  data.tar.gz: 2d2e4e53f928df205f5c5624c502d17af55bf3c2d798ac821575380fb12dd59ece4369e7cff091183e2ebbc8bb271e3fb17ff92c74a6cbbce5d2bf12a343df57
+  metadata.gz: 74aa38c3f50ec94cc13f736ba36f1fab8c4beee05e533db3cec0f524420fe32f058c531e36dbbcd09e4841eb9509d2c4eb29ffbb2ffe1a30db889150975745c0
+  data.tar.gz: 7b0bf7646c5d66e93e56786330c721855f48f60f2f1b33237f05e553605a3daa6723b2e8beeb9c0243bc7f025cc2ccabf2ddaf59ac969d4d151e1b36e492006e

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.50.0 (2022-10-24)
+------------------
+
+* Feature - AWS Private Certificate Authority (AWS Private CA) now offers usage modes which are combination of features to address specific use cases.
+
+1.49.0 (2022-07-20)
+------------------
+
+* Feature - AWS Certificate Manager (ACM) Private Certificate Authority (PCA) documentation updates
+
 1.48.0 (2022-03-28)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.48.0
+1.50.0

data/lib/aws-sdk-acmpca/client.rb

@@ -426,9 +426,15 @@ module Aws::ACMPCA
     #
     #   Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
     #
-    #   Note: `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in Region
-    #   ap-northeast-3. When creating a CA in the ap-northeast-3, you must
-    #   provide `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
+    #   *Note:* `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in the
+    #   following Regions:
+    #
+    #   * ap-northeast-3
+    #
+    #   * ap-southeast-3
+    #
+    #   When creating a CA in these Regions, you must provide
+    #   `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
     #   `KeyStorageSecurityStandard`. Failure to do this results in an
     #   `InvalidArgsException` with the message, "A certificate authority
     #   cannot be created in this region with the specified security
@@ -444,6 +450,14 @@ module Aws::ACMPCA
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html
     #
+    # @option params [String] :usage_mode
+    #   Specifies whether the CA issues general-purpose certificates that
+    #   typically require a revocation mechanism, or short-lived certificates
+    #   that may optionally omit revocation because they expire quickly.
+    #   Short-lived certificate validity is limited to seven days.
+    #
+    #   The default value is GENERAL\_PURPOSE.
+    #
     # @return [Types::CreateCertificateAuthorityResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateCertificateAuthorityResponse#certificate_authority_arn #certificate_authority_arn} => String
@@ -557,6 +571,7 @@ module Aws::ACMPCA
     #         value: "TagValue",
     #       },
     #     ],
+    #     usage_mode: "GENERAL_PURPOSE", # accepts GENERAL_PURPOSE, SHORT_LIVED_CERTIFICATE
     #   })
     #
     # @example Response structure
@@ -1059,6 +1074,7 @@ module Aws::ACMPCA
     #   resp.certificate_authority.revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
     #   resp.certificate_authority.restorable_until #=> Time
     #   resp.certificate_authority.key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
+    #   resp.certificate_authority.usage_mode #=> String, one of "GENERAL_PURPOSE", "SHORT_LIVED_CERTIFICATE"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DescribeCertificateAuthority AWS API Documentation
     #
@@ -1898,6 +1914,7 @@ module Aws::ACMPCA
     #   resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
     #   resp.certificate_authorities[0].restorable_until #=> Time
     #   resp.certificate_authorities[0].key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
+    #   resp.certificate_authorities[0].usage_mode #=> String, one of "GENERAL_PURPOSE", "SHORT_LIVED_CERTIFICATE"
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/ListCertificateAuthorities AWS API Documentation
@@ -2466,7 +2483,7 @@ module Aws::ACMPCA
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acmpca'
-      context[:gem_version] = '1.48.0'
+      context[:gem_version] = '1.50.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-acmpca/client_api.rb

@@ -35,6 +35,7 @@ module Aws::ACMPCA
     CertificateAuthorityConfiguration = Shapes::StructureShape.new(name: 'CertificateAuthorityConfiguration')
     CertificateAuthorityStatus = Shapes::StringShape.new(name: 'CertificateAuthorityStatus')
     CertificateAuthorityType = Shapes::StringShape.new(name: 'CertificateAuthorityType')
+    CertificateAuthorityUsageMode = Shapes::StringShape.new(name: 'CertificateAuthorityUsageMode')
     CertificateBody = Shapes::StringShape.new(name: 'CertificateBody')
     CertificateBodyBlob = Shapes::BlobShape.new(name: 'CertificateBodyBlob')
     CertificateChain = Shapes::StringShape.new(name: 'CertificateChain')
@@ -207,6 +208,7 @@ module Aws::ACMPCA
     CertificateAuthority.add_member(:revocation_configuration, Shapes::ShapeRef.new(shape: RevocationConfiguration, location_name: "RevocationConfiguration"))
     CertificateAuthority.add_member(:restorable_until, Shapes::ShapeRef.new(shape: TStamp, location_name: "RestorableUntil"))
     CertificateAuthority.add_member(:key_storage_security_standard, Shapes::ShapeRef.new(shape: KeyStorageSecurityStandard, location_name: "KeyStorageSecurityStandard"))
+    CertificateAuthority.add_member(:usage_mode, Shapes::ShapeRef.new(shape: CertificateAuthorityUsageMode, location_name: "UsageMode"))
     CertificateAuthority.struct_class = Types::CertificateAuthority
 
     CertificateAuthorityConfiguration.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: KeyAlgorithm, required: true, location_name: "KeyAlgorithm"))
@@ -238,6 +240,7 @@ module Aws::ACMPCA
     CreateCertificateAuthorityRequest.add_member(:idempotency_token, Shapes::ShapeRef.new(shape: IdempotencyToken, location_name: "IdempotencyToken"))
     CreateCertificateAuthorityRequest.add_member(:key_storage_security_standard, Shapes::ShapeRef.new(shape: KeyStorageSecurityStandard, location_name: "KeyStorageSecurityStandard"))
     CreateCertificateAuthorityRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
+    CreateCertificateAuthorityRequest.add_member(:usage_mode, Shapes::ShapeRef.new(shape: CertificateAuthorityUsageMode, location_name: "UsageMode"))
     CreateCertificateAuthorityRequest.struct_class = Types::CreateCertificateAuthorityRequest
 
     CreateCertificateAuthorityResponse.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))

data/lib/aws-sdk-acmpca/types.rb

@@ -496,6 +496,15 @@ module Aws::ACMPCA
     #   region with the specified security standard."
     #   @return [String]
     #
+    # @!attribute [rw] usage_mode
+    #   Specifies whether the CA issues general-purpose certificates that
+    #   typically require a revocation mechanism, or short-lived
+    #   certificates that may optionally omit revocation because they expire
+    #   quickly. Short-lived certificate validity is limited to seven days.
+    #
+    #   The default value is GENERAL\_PURPOSE.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CertificateAuthority AWS API Documentation
     #
     class CertificateAuthority < Struct.new(
@@ -512,7 +521,8 @@ module Aws::ACMPCA
       :certificate_authority_configuration,
       :revocation_configuration,
       :restorable_until,
-      :key_storage_security_standard)
+      :key_storage_security_standard,
+      :usage_mode)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -844,6 +854,7 @@ module Aws::ACMPCA
     #             value: "TagValue",
     #           },
     #         ],
+    #         usage_mode: "GENERAL_PURPOSE", # accepts GENERAL_PURPOSE, SHORT_LIVED_CERTIFICATE
     #       }
     #
     # @!attribute [rw] certificate_authority_configuration
@@ -887,9 +898,15 @@ module Aws::ACMPCA
     #
     #   Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
     #
-    #   Note: `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in Region
-    #   ap-northeast-3. When creating a CA in the ap-northeast-3, you must
-    #   provide `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
+    #   *Note:* `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in the
+    #   following Regions:
+    #
+    #   * ap-northeast-3
+    #
+    #   * ap-southeast-3
+    #
+    #   When creating a CA in these Regions, you must provide
+    #   `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
     #   `KeyStorageSecurityStandard`. Failure to do this results in an
     #   `InvalidArgsException` with the message, "A certificate authority
     #   cannot be created in this region with the specified security
@@ -907,6 +924,15 @@ module Aws::ACMPCA
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html
     #   @return [Array<Types::Tag>]
     #
+    # @!attribute [rw] usage_mode
+    #   Specifies whether the CA issues general-purpose certificates that
+    #   typically require a revocation mechanism, or short-lived
+    #   certificates that may optionally omit revocation because they expire
+    #   quickly. Short-lived certificate validity is limited to seven days.
+    #
+    #   The default value is GENERAL\_PURPOSE.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CreateCertificateAuthorityRequest AWS API Documentation
     #
     class CreateCertificateAuthorityRequest < Struct.new(
@@ -915,7 +941,8 @@ module Aws::ACMPCA
       :certificate_authority_type,
       :idempotency_token,
       :key_storage_security_standard,
-      :tags)
+      :tags,
+      :usage_mode)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1060,8 +1087,7 @@ module Aws::ACMPCA
     # `openssl crl -inform DER -text -in crl_path -noout`
     #
     # For more information, see [Planning a certificate revocation list
-    # (CRL)][2] in the *Certificate Manager Private Certificate Authority
-    # (PCA) User Guide*
+    # (CRL)][2] in the *Private Certificate Authority (PCA) User Guide*
     #
     #
     #
@@ -1721,15 +1747,9 @@ module Aws::ACMPCA
     #   the critical flag. For more information, see the [Global OID
     #   reference database.][1]
     #
-    #   <note markdown="1"> The OID value of a [CustomExtension][2] must not match the OID of a
-    #   predefined extension.
-    #
-    #    </note>
-    #
     #
     #
     #   [1]: https://oidref.com/2.5.29
-    #   [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CustomExtension.html
     #   @return [Array<Types::CustomExtension>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/Extensions AWS API Documentation
@@ -2812,8 +2832,8 @@ module Aws::ACMPCA
     #   as "http://" or "https://".
     #
     #   For more information, see [Customizing Online Certificate Status
-    #   Protocol (OCSP) ][1] in the *Certificate Manager Private Certificate
-    #   Authority (PCA) User Guide*.
+    #   Protocol (OCSP) ][1] in the *Private Certificate Authority (PCA)
+    #   User Guide*.
     #
     #
     #
@@ -3162,8 +3182,7 @@ module Aws::ACMPCA
     # about certificates as requested by clients, and a CRL contains an
     # updated list of certificates revoked by your CA. For more information,
     # see [RevokeCertificate][3] and [Setting up a certificate revocation
-    # method][4] in the *Certificate Manager Private Certificate Authority
-    # (PCA) User Guide*.
+    # method][4] in the *Private Certificate Authority (PCA) User Guide*.
     #
     #
     #
@@ -3463,7 +3482,7 @@ module Aws::ACMPCA
     #
     #
     #
-    # [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
+    # [1]: https://tools.ietf.org/html/rfc5280#section-4.1.2.5
     #
     # @note When making an API call, you may pass Validity
     #   data as a hash:

data/lib/aws-sdk-acmpca.rb

@@ -49,6 +49,6 @@ require_relative 'aws-sdk-acmpca/customizations'
 # @!group service
 module Aws::ACMPCA
 
-  GEM_VERSION = '1.48.0'
+  GEM_VERSION = '1.50.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acmpca
 version: !ruby/object:Gem::Version
-  version: 1.48.0
+  version: 1.50.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-03-28 00:00:00.000000000 Z
+date: 2022-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core