aws-sdk-acmpca 1.48.0 → 1.50.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9d5e73b72e120fe6f31fdb18760aa8a128be5cc432116ce6084da30f9e8d3140
4
- data.tar.gz: 85d9985fb896de12f98b252e9ed8608a056bd4dd98faf9b7f80530dc2e6049d4
3
+ metadata.gz: 05e21752805d796c4ee23b5fe338fa0cf6a93ba097d5627ae0b4d51a65601726
4
+ data.tar.gz: 967715dbdf0a69e677a5575b759f68b6b202d9370570f67dfce0e86ddfcd3c3e
5
5
  SHA512:
6
- metadata.gz: a7f3210122e4e950a70270cdc69afa4f776e9ef3f73e5fbc7cb863d1e27910818bf909b461af3de8d3f574b9629d5c8d36563211e3d4f0f40f44ce053b71046d
7
- data.tar.gz: 2d2e4e53f928df205f5c5624c502d17af55bf3c2d798ac821575380fb12dd59ece4369e7cff091183e2ebbc8bb271e3fb17ff92c74a6cbbce5d2bf12a343df57
6
+ metadata.gz: 74aa38c3f50ec94cc13f736ba36f1fab8c4beee05e533db3cec0f524420fe32f058c531e36dbbcd09e4841eb9509d2c4eb29ffbb2ffe1a30db889150975745c0
7
+ data.tar.gz: 7b0bf7646c5d66e93e56786330c721855f48f60f2f1b33237f05e553605a3daa6723b2e8beeb9c0243bc7f025cc2ccabf2ddaf59ac969d4d151e1b36e492006e
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.50.0 (2022-10-24)
5
+ ------------------
6
+
7
+ * Feature - AWS Private Certificate Authority (AWS Private CA) now offers usage modes which are combination of features to address specific use cases.
8
+
9
+ 1.49.0 (2022-07-20)
10
+ ------------------
11
+
12
+ * Feature - AWS Certificate Manager (ACM) Private Certificate Authority (PCA) documentation updates
13
+
4
14
  1.48.0 (2022-03-28)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.48.0
1
+ 1.50.0
@@ -426,9 +426,15 @@ module Aws::ACMPCA
426
426
  #
427
427
  # Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
428
428
  #
429
- # Note: `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in Region
430
- # ap-northeast-3. When creating a CA in the ap-northeast-3, you must
431
- # provide `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
429
+ # *Note:* `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in the
430
+ # following Regions:
431
+ #
432
+ # * ap-northeast-3
433
+ #
434
+ # * ap-southeast-3
435
+ #
436
+ # When creating a CA in these Regions, you must provide
437
+ # `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
432
438
  # `KeyStorageSecurityStandard`. Failure to do this results in an
433
439
  # `InvalidArgsException` with the message, "A certificate authority
434
440
  # cannot be created in this region with the specified security
@@ -444,6 +450,14 @@ module Aws::ACMPCA
444
450
  #
445
451
  # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html
446
452
  #
453
+ # @option params [String] :usage_mode
454
+ # Specifies whether the CA issues general-purpose certificates that
455
+ # typically require a revocation mechanism, or short-lived certificates
456
+ # that may optionally omit revocation because they expire quickly.
457
+ # Short-lived certificate validity is limited to seven days.
458
+ #
459
+ # The default value is GENERAL\_PURPOSE.
460
+ #
447
461
  # @return [Types::CreateCertificateAuthorityResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
448
462
  #
449
463
  # * {Types::CreateCertificateAuthorityResponse#certificate_authority_arn #certificate_authority_arn} => String
@@ -557,6 +571,7 @@ module Aws::ACMPCA
557
571
  # value: "TagValue",
558
572
  # },
559
573
  # ],
574
+ # usage_mode: "GENERAL_PURPOSE", # accepts GENERAL_PURPOSE, SHORT_LIVED_CERTIFICATE
560
575
  # })
561
576
  #
562
577
  # @example Response structure
@@ -1059,6 +1074,7 @@ module Aws::ACMPCA
1059
1074
  # resp.certificate_authority.revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
1060
1075
  # resp.certificate_authority.restorable_until #=> Time
1061
1076
  # resp.certificate_authority.key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
1077
+ # resp.certificate_authority.usage_mode #=> String, one of "GENERAL_PURPOSE", "SHORT_LIVED_CERTIFICATE"
1062
1078
  #
1063
1079
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DescribeCertificateAuthority AWS API Documentation
1064
1080
  #
@@ -1898,6 +1914,7 @@ module Aws::ACMPCA
1898
1914
  # resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
1899
1915
  # resp.certificate_authorities[0].restorable_until #=> Time
1900
1916
  # resp.certificate_authorities[0].key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
1917
+ # resp.certificate_authorities[0].usage_mode #=> String, one of "GENERAL_PURPOSE", "SHORT_LIVED_CERTIFICATE"
1901
1918
  # resp.next_token #=> String
1902
1919
  #
1903
1920
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/ListCertificateAuthorities AWS API Documentation
@@ -2466,7 +2483,7 @@ module Aws::ACMPCA
2466
2483
  params: params,
2467
2484
  config: config)
2468
2485
  context[:gem_name] = 'aws-sdk-acmpca'
2469
- context[:gem_version] = '1.48.0'
2486
+ context[:gem_version] = '1.50.0'
2470
2487
  Seahorse::Client::Request.new(handlers, context)
2471
2488
  end
2472
2489
 
@@ -35,6 +35,7 @@ module Aws::ACMPCA
35
35
  CertificateAuthorityConfiguration = Shapes::StructureShape.new(name: 'CertificateAuthorityConfiguration')
36
36
  CertificateAuthorityStatus = Shapes::StringShape.new(name: 'CertificateAuthorityStatus')
37
37
  CertificateAuthorityType = Shapes::StringShape.new(name: 'CertificateAuthorityType')
38
+ CertificateAuthorityUsageMode = Shapes::StringShape.new(name: 'CertificateAuthorityUsageMode')
38
39
  CertificateBody = Shapes::StringShape.new(name: 'CertificateBody')
39
40
  CertificateBodyBlob = Shapes::BlobShape.new(name: 'CertificateBodyBlob')
40
41
  CertificateChain = Shapes::StringShape.new(name: 'CertificateChain')
@@ -207,6 +208,7 @@ module Aws::ACMPCA
207
208
  CertificateAuthority.add_member(:revocation_configuration, Shapes::ShapeRef.new(shape: RevocationConfiguration, location_name: "RevocationConfiguration"))
208
209
  CertificateAuthority.add_member(:restorable_until, Shapes::ShapeRef.new(shape: TStamp, location_name: "RestorableUntil"))
209
210
  CertificateAuthority.add_member(:key_storage_security_standard, Shapes::ShapeRef.new(shape: KeyStorageSecurityStandard, location_name: "KeyStorageSecurityStandard"))
211
+ CertificateAuthority.add_member(:usage_mode, Shapes::ShapeRef.new(shape: CertificateAuthorityUsageMode, location_name: "UsageMode"))
210
212
  CertificateAuthority.struct_class = Types::CertificateAuthority
211
213
 
212
214
  CertificateAuthorityConfiguration.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: KeyAlgorithm, required: true, location_name: "KeyAlgorithm"))
@@ -238,6 +240,7 @@ module Aws::ACMPCA
238
240
  CreateCertificateAuthorityRequest.add_member(:idempotency_token, Shapes::ShapeRef.new(shape: IdempotencyToken, location_name: "IdempotencyToken"))
239
241
  CreateCertificateAuthorityRequest.add_member(:key_storage_security_standard, Shapes::ShapeRef.new(shape: KeyStorageSecurityStandard, location_name: "KeyStorageSecurityStandard"))
240
242
  CreateCertificateAuthorityRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
243
+ CreateCertificateAuthorityRequest.add_member(:usage_mode, Shapes::ShapeRef.new(shape: CertificateAuthorityUsageMode, location_name: "UsageMode"))
241
244
  CreateCertificateAuthorityRequest.struct_class = Types::CreateCertificateAuthorityRequest
242
245
 
243
246
  CreateCertificateAuthorityResponse.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
@@ -496,6 +496,15 @@ module Aws::ACMPCA
496
496
  # region with the specified security standard."
497
497
  # @return [String]
498
498
  #
499
+ # @!attribute [rw] usage_mode
500
+ # Specifies whether the CA issues general-purpose certificates that
501
+ # typically require a revocation mechanism, or short-lived
502
+ # certificates that may optionally omit revocation because they expire
503
+ # quickly. Short-lived certificate validity is limited to seven days.
504
+ #
505
+ # The default value is GENERAL\_PURPOSE.
506
+ # @return [String]
507
+ #
499
508
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CertificateAuthority AWS API Documentation
500
509
  #
501
510
  class CertificateAuthority < Struct.new(
@@ -512,7 +521,8 @@ module Aws::ACMPCA
512
521
  :certificate_authority_configuration,
513
522
  :revocation_configuration,
514
523
  :restorable_until,
515
- :key_storage_security_standard)
524
+ :key_storage_security_standard,
525
+ :usage_mode)
516
526
  SENSITIVE = []
517
527
  include Aws::Structure
518
528
  end
@@ -844,6 +854,7 @@ module Aws::ACMPCA
844
854
  # value: "TagValue",
845
855
  # },
846
856
  # ],
857
+ # usage_mode: "GENERAL_PURPOSE", # accepts GENERAL_PURPOSE, SHORT_LIVED_CERTIFICATE
847
858
  # }
848
859
  #
849
860
  # @!attribute [rw] certificate_authority_configuration
@@ -887,9 +898,15 @@ module Aws::ACMPCA
887
898
  #
888
899
  # Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
889
900
  #
890
- # Note: `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in Region
891
- # ap-northeast-3. When creating a CA in the ap-northeast-3, you must
892
- # provide `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
901
+ # *Note:* `FIPS_140_2_LEVEL_3_OR_HIGHER` is not supported in the
902
+ # following Regions:
903
+ #
904
+ # * ap-northeast-3
905
+ #
906
+ # * ap-southeast-3
907
+ #
908
+ # When creating a CA in these Regions, you must provide
909
+ # `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
893
910
  # `KeyStorageSecurityStandard`. Failure to do this results in an
894
911
  # `InvalidArgsException` with the message, "A certificate authority
895
912
  # cannot be created in this region with the specified security
@@ -907,6 +924,15 @@ module Aws::ACMPCA
907
924
  # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html
908
925
  # @return [Array<Types::Tag>]
909
926
  #
927
+ # @!attribute [rw] usage_mode
928
+ # Specifies whether the CA issues general-purpose certificates that
929
+ # typically require a revocation mechanism, or short-lived
930
+ # certificates that may optionally omit revocation because they expire
931
+ # quickly. Short-lived certificate validity is limited to seven days.
932
+ #
933
+ # The default value is GENERAL\_PURPOSE.
934
+ # @return [String]
935
+ #
910
936
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CreateCertificateAuthorityRequest AWS API Documentation
911
937
  #
912
938
  class CreateCertificateAuthorityRequest < Struct.new(
@@ -915,7 +941,8 @@ module Aws::ACMPCA
915
941
  :certificate_authority_type,
916
942
  :idempotency_token,
917
943
  :key_storage_security_standard,
918
- :tags)
944
+ :tags,
945
+ :usage_mode)
919
946
  SENSITIVE = []
920
947
  include Aws::Structure
921
948
  end
@@ -1060,8 +1087,7 @@ module Aws::ACMPCA
1060
1087
  # `openssl crl -inform DER -text -in crl_path -noout`
1061
1088
  #
1062
1089
  # For more information, see [Planning a certificate revocation list
1063
- # (CRL)][2] in the *Certificate Manager Private Certificate Authority
1064
- # (PCA) User Guide*
1090
+ # (CRL)][2] in the *Private Certificate Authority (PCA) User Guide*
1065
1091
  #
1066
1092
  #
1067
1093
  #
@@ -1721,15 +1747,9 @@ module Aws::ACMPCA
1721
1747
  # the critical flag. For more information, see the [Global OID
1722
1748
  # reference database.][1]
1723
1749
  #
1724
- # <note markdown="1"> The OID value of a [CustomExtension][2] must not match the OID of a
1725
- # predefined extension.
1726
- #
1727
- # </note>
1728
- #
1729
1750
  #
1730
1751
  #
1731
1752
  # [1]: https://oidref.com/2.5.29
1732
- # [2]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CustomExtension.html
1733
1753
  # @return [Array<Types::CustomExtension>]
1734
1754
  #
1735
1755
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/Extensions AWS API Documentation
@@ -2812,8 +2832,8 @@ module Aws::ACMPCA
2812
2832
  # as "http://" or "https://".
2813
2833
  #
2814
2834
  # For more information, see [Customizing Online Certificate Status
2815
- # Protocol (OCSP) ][1] in the *Certificate Manager Private Certificate
2816
- # Authority (PCA) User Guide*.
2835
+ # Protocol (OCSP) ][1] in the *Private Certificate Authority (PCA)
2836
+ # User Guide*.
2817
2837
  #
2818
2838
  #
2819
2839
  #
@@ -3162,8 +3182,7 @@ module Aws::ACMPCA
3162
3182
  # about certificates as requested by clients, and a CRL contains an
3163
3183
  # updated list of certificates revoked by your CA. For more information,
3164
3184
  # see [RevokeCertificate][3] and [Setting up a certificate revocation
3165
- # method][4] in the *Certificate Manager Private Certificate Authority
3166
- # (PCA) User Guide*.
3185
+ # method][4] in the *Private Certificate Authority (PCA) User Guide*.
3167
3186
  #
3168
3187
  #
3169
3188
  #
@@ -3463,7 +3482,7 @@ module Aws::ACMPCA
3463
3482
  #
3464
3483
  #
3465
3484
  #
3466
- # [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
3485
+ # [1]: https://tools.ietf.org/html/rfc5280#section-4.1.2.5
3467
3486
  #
3468
3487
  # @note When making an API call, you may pass Validity
3469
3488
  # data as a hash:
@@ -49,6 +49,6 @@ require_relative 'aws-sdk-acmpca/customizations'
49
49
  # @!group service
50
50
  module Aws::ACMPCA
51
51
 
52
- GEM_VERSION = '1.48.0'
52
+ GEM_VERSION = '1.50.0'
53
53
 
54
54
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-acmpca
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.48.0
4
+ version: 1.50.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-03-28 00:00:00.000000000 Z
11
+ date: 2022-10-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core