aws-sdk-acmpca 1.53.0 → 1.55.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-acmpca/client.rb +20 -11
- data/lib/aws-sdk-acmpca/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-acmpca/endpoint_provider.rb +29 -26
- data/lib/aws-sdk-acmpca/types.rb +36 -32
- data/lib/aws-sdk-acmpca.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 29a8c31bf94981bd67cc85a878c4fb93bdf999b2a662d78cbc2c5df68c8680b3
|
|
4
|
+
data.tar.gz: bba43113622380d993c3a6229ef665b5f0abe1bf19b680c8a9f0527fdbbaad88
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4b8689f469bc128d1844199716ab7966af5752dbbaf7e1c53b6420405a0e8991cdc6257dd5d978bc85164bf8fc63a22da4284972ec12cc65e52360d8b85aded
|
|
7
|
+
data.tar.gz: 1e2f7647ad6e1d9e52b6fe5422d2464910eefe16d9b9d58bce5b2422c846868e2a88823128be6548d33f9599e803f22f51ef92770f4423eda0e183cf757824e2
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.55.0 (2023-06-09)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Document-only update to refresh CLI documentation for AWS Private CA. No change to the service.
|
|
8
|
+
|
|
9
|
+
1.54.0 (2023-05-31)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
13
|
+
|
|
4
14
|
1.53.0 (2023-01-18)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.55.0
|
|
@@ -275,6 +275,11 @@ module Aws::ACMPCA
|
|
|
275
275
|
# in the future.
|
|
276
276
|
#
|
|
277
277
|
#
|
|
278
|
+
# @option options [String] :sdk_ua_app_id
|
|
279
|
+
# A unique and opaque application ID that is appended to the
|
|
280
|
+
# User-Agent header as app/<sdk_ua_app_id>. It should have a
|
|
281
|
+
# maximum length of 50.
|
|
282
|
+
#
|
|
278
283
|
# @option options [String] :secret_access_key
|
|
279
284
|
#
|
|
280
285
|
# @option options [String] :session_token
|
|
@@ -468,20 +473,24 @@ module Aws::ACMPCA
|
|
|
468
473
|
#
|
|
469
474
|
# Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
|
|
470
475
|
#
|
|
471
|
-
#
|
|
472
|
-
#
|
|
473
|
-
#
|
|
474
|
-
# * ap-northeast-3
|
|
475
|
-
#
|
|
476
|
-
# * ap-southeast-3
|
|
477
|
-
#
|
|
478
|
-
# When creating a CA in these Regions, you must provide
|
|
476
|
+
# <note markdown="1"> Some Amazon Web Services Regions do not support the default. When
|
|
477
|
+
# creating a CA in these Regions, you must provide
|
|
479
478
|
# `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
|
|
480
479
|
# `KeyStorageSecurityStandard`. Failure to do this results in an
|
|
481
480
|
# `InvalidArgsException` with the message, "A certificate authority
|
|
482
481
|
# cannot be created in this region with the specified security
|
|
483
482
|
# standard."
|
|
484
483
|
#
|
|
484
|
+
# For information about security standard support in various Regions,
|
|
485
|
+
# see [Storage and security compliance of Amazon Web Services Private CA
|
|
486
|
+
# private keys][1].
|
|
487
|
+
#
|
|
488
|
+
# </note>
|
|
489
|
+
#
|
|
490
|
+
#
|
|
491
|
+
#
|
|
492
|
+
# [1]: https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys
|
|
493
|
+
#
|
|
485
494
|
# @option params [Array<Types::Tag>] :tags
|
|
486
495
|
# Key-value pairs that will be attached to the new private CA. You can
|
|
487
496
|
# associate up to 50 tags with a private CA. For information using tags
|
|
@@ -1624,7 +1633,7 @@ module Aws::ACMPCA
|
|
|
1624
1633
|
# parameter used to sign a CSR in the `CreateCertificateAuthority`
|
|
1625
1634
|
# action.
|
|
1626
1635
|
#
|
|
1627
|
-
# <note markdown="1"> The specified signing algorithm family (RSA or ECDSA)
|
|
1636
|
+
# <note markdown="1"> The specified signing algorithm family (RSA or ECDSA) must match the
|
|
1628
1637
|
# algorithm family of the CA's secret key.
|
|
1629
1638
|
#
|
|
1630
1639
|
# </note>
|
|
@@ -1692,7 +1701,7 @@ module Aws::ACMPCA
|
|
|
1692
1701
|
#
|
|
1693
1702
|
#
|
|
1694
1703
|
#
|
|
1695
|
-
# [1]: https://docs.aws.amazon.com/
|
|
1704
|
+
# [1]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_Validity.html
|
|
1696
1705
|
# [2]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
|
1697
1706
|
#
|
|
1698
1707
|
# @option params [String] :idempotency_token
|
|
@@ -2562,7 +2571,7 @@ module Aws::ACMPCA
|
|
|
2562
2571
|
params: params,
|
|
2563
2572
|
config: config)
|
|
2564
2573
|
context[:gem_name] = 'aws-sdk-acmpca'
|
|
2565
|
-
context[:gem_version] = '1.
|
|
2574
|
+
context[:gem_version] = '1.55.0'
|
|
2566
2575
|
Seahorse::Client::Request.new(handlers, context)
|
|
2567
2576
|
end
|
|
2568
2577
|
|
|
@@ -50,9 +50,6 @@ module Aws::ACMPCA
|
|
|
50
50
|
|
|
51
51
|
def initialize(options = {})
|
|
52
52
|
self[:region] = options[:region]
|
|
53
|
-
if self[:region].nil?
|
|
54
|
-
raise ArgumentError, "Missing required EndpointParameter: :region"
|
|
55
|
-
end
|
|
56
53
|
self[:use_dual_stack] = options[:use_dual_stack]
|
|
57
54
|
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
|
58
55
|
if self[:use_dual_stack].nil?
|
|
@@ -14,39 +14,42 @@ module Aws::ACMPCA
|
|
|
14
14
|
use_dual_stack = parameters.use_dual_stack
|
|
15
15
|
use_fips = parameters.use_fips
|
|
16
16
|
endpoint = parameters.endpoint
|
|
17
|
-
if
|
|
18
|
-
if Aws::Endpoints::Matchers.
|
|
19
|
-
|
|
20
|
-
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
21
|
-
end
|
|
22
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
23
|
-
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
24
|
-
end
|
|
25
|
-
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
17
|
+
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
18
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
19
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
26
20
|
end
|
|
27
|
-
if Aws::Endpoints::Matchers.boolean_equals?(
|
|
28
|
-
|
|
29
|
-
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
30
|
-
end
|
|
31
|
-
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
21
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
22
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
32
23
|
end
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
25
|
+
end
|
|
26
|
+
if Aws::Endpoints::Matchers.set?(region)
|
|
27
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
28
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
29
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
37
31
|
end
|
|
38
|
-
|
|
32
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
39
33
|
end
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
34
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
|
|
36
|
+
if Aws::Endpoints::Matchers.string_equals?("aws-us-gov", Aws::Endpoints::Matchers.attr(partition_result, "name"))
|
|
37
|
+
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.amazonaws.com", headers: {}, properties: {})
|
|
38
|
+
end
|
|
39
|
+
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
40
|
+
end
|
|
41
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
42
|
+
end
|
|
43
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
44
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
45
|
+
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
46
|
+
end
|
|
47
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
|
45
48
|
end
|
|
46
|
-
|
|
49
|
+
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
47
50
|
end
|
|
48
|
-
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
49
51
|
end
|
|
52
|
+
raise ArgumentError, "Invalid Configuration: Missing Region"
|
|
50
53
|
raise ArgumentError, 'No endpoint could be resolved'
|
|
51
54
|
|
|
52
55
|
end
|
data/lib/aws-sdk-acmpca/types.rb
CHANGED
|
@@ -523,19 +523,23 @@ module Aws::ACMPCA
|
|
|
523
523
|
#
|
|
524
524
|
# Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
|
|
525
525
|
#
|
|
526
|
-
#
|
|
527
|
-
#
|
|
528
|
-
#
|
|
529
|
-
# * ap-northeast-3
|
|
530
|
-
#
|
|
531
|
-
# * ap-southeast-3
|
|
532
|
-
#
|
|
533
|
-
# When creating a CA in these Regions, you must provide
|
|
526
|
+
# <note markdown="1"> Some Amazon Web Services Regions do not support the default. When
|
|
527
|
+
# creating a CA in these Regions, you must provide
|
|
534
528
|
# `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
|
|
535
529
|
# `KeyStorageSecurityStandard`. Failure to do this results in an
|
|
536
530
|
# `InvalidArgsException` with the message, "A certificate authority
|
|
537
531
|
# cannot be created in this region with the specified security
|
|
538
532
|
# standard."
|
|
533
|
+
#
|
|
534
|
+
# For information about security standard support in various Regions,
|
|
535
|
+
# see [Storage and security compliance of Amazon Web Services Private
|
|
536
|
+
# CA private keys][1].
|
|
537
|
+
#
|
|
538
|
+
# </note>
|
|
539
|
+
#
|
|
540
|
+
#
|
|
541
|
+
#
|
|
542
|
+
# [1]: https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys
|
|
539
543
|
# @return [String]
|
|
540
544
|
#
|
|
541
545
|
# @!attribute [rw] tags
|
|
@@ -657,45 +661,45 @@ module Aws::ACMPCA
|
|
|
657
661
|
#
|
|
658
662
|
# CRLs contain the following fields:
|
|
659
663
|
#
|
|
660
|
-
# * **Version
|
|
664
|
+
# * **Version**: The current version number defined in RFC 5280 is V2.
|
|
661
665
|
# The integer value is 0x1.
|
|
662
666
|
#
|
|
663
|
-
# * **Signature Algorithm
|
|
667
|
+
# * **Signature Algorithm**: The name of the algorithm used to sign the
|
|
664
668
|
# CRL.
|
|
665
669
|
#
|
|
666
|
-
# * **Issuer
|
|
670
|
+
# * **Issuer**: The X.500 distinguished name of your private CA that
|
|
667
671
|
# issued the CRL.
|
|
668
672
|
#
|
|
669
|
-
# * **Last Update
|
|
673
|
+
# * **Last Update**: The issue date and time of this CRL.
|
|
670
674
|
#
|
|
671
|
-
# * **Next Update
|
|
675
|
+
# * **Next Update**: The day and time by which the next CRL will be
|
|
672
676
|
# issued.
|
|
673
677
|
#
|
|
674
|
-
# * **Revoked Certificates
|
|
678
|
+
# * **Revoked Certificates**: List of revoked certificates. Each list
|
|
675
679
|
# item contains the following information.
|
|
676
680
|
#
|
|
677
|
-
# * **Serial Number
|
|
681
|
+
# * **Serial Number**: The serial number, in hexadecimal format, of
|
|
678
682
|
# the revoked certificate.
|
|
679
683
|
#
|
|
680
|
-
# * **Revocation Date
|
|
684
|
+
# * **Revocation Date**: Date and time the certificate was revoked.
|
|
681
685
|
#
|
|
682
|
-
# * **CRL Entry Extensions
|
|
686
|
+
# * **CRL Entry Extensions**: Optional extensions for the CRL entry.
|
|
683
687
|
#
|
|
684
|
-
# * **X509v3 CRL Reason Code
|
|
688
|
+
# * **X509v3 CRL Reason Code**: Reason the certificate was revoked.
|
|
685
689
|
#
|
|
686
690
|
# ^
|
|
687
691
|
#
|
|
688
|
-
# * **CRL Extensions
|
|
692
|
+
# * **CRL Extensions**: Optional extensions for the CRL.
|
|
689
693
|
#
|
|
690
|
-
# * **X509v3 Authority Key Identifier
|
|
694
|
+
# * **X509v3 Authority Key Identifier**: Identifies the public key
|
|
691
695
|
# associated with the private key used to sign the certificate.
|
|
692
696
|
#
|
|
693
|
-
# * **X509v3 CRL Number
|
|
697
|
+
# * **X509v3 CRL Number:**: Decimal sequence number for the CRL.
|
|
694
698
|
#
|
|
695
|
-
# * **Signature Algorithm
|
|
699
|
+
# * **Signature Algorithm**: Algorithm used by your private CA to sign
|
|
696
700
|
# the CRL.
|
|
697
701
|
#
|
|
698
|
-
# * **Signature Value
|
|
702
|
+
# * **Signature Value**: Signature computed over the CRL.
|
|
699
703
|
#
|
|
700
704
|
# Certificate revocation lists created by Amazon Web Services Private CA
|
|
701
705
|
# are DER-encoded. You can use the following OpenSSL command to list a
|
|
@@ -1581,7 +1585,7 @@ module Aws::ACMPCA
|
|
|
1581
1585
|
# parameter used to sign a CSR in the `CreateCertificateAuthority`
|
|
1582
1586
|
# action.
|
|
1583
1587
|
#
|
|
1584
|
-
# <note markdown="1"> The specified signing algorithm family (RSA or ECDSA)
|
|
1588
|
+
# <note markdown="1"> The specified signing algorithm family (RSA or ECDSA) must match the
|
|
1585
1589
|
# algorithm family of the CA's secret key.
|
|
1586
1590
|
#
|
|
1587
1591
|
# </note>
|
|
@@ -1652,7 +1656,7 @@ module Aws::ACMPCA
|
|
|
1652
1656
|
#
|
|
1653
1657
|
#
|
|
1654
1658
|
#
|
|
1655
|
-
# [1]: https://docs.aws.amazon.com/
|
|
1659
|
+
# [1]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_Validity.html
|
|
1656
1660
|
# [2]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
|
|
1657
1661
|
# @return [Types::Validity]
|
|
1658
1662
|
#
|
|
@@ -2526,10 +2530,10 @@ module Aws::ACMPCA
|
|
|
2526
2530
|
#
|
|
2527
2531
|
# Amazon Web Services Private CA API consumes the `Validity` data type
|
|
2528
2532
|
# differently in two distinct parameters of the `IssueCertificate`
|
|
2529
|
-
# action. The required parameter `IssueCertificate
|
|
2530
|
-
#
|
|
2531
|
-
#
|
|
2532
|
-
#
|
|
2533
|
+
# action. The required parameter `IssueCertificate`:`Validity` specifies
|
|
2534
|
+
# the end of a certificate's validity period. The optional parameter
|
|
2535
|
+
# `IssueCertificate`:`ValidityNotBefore` specifies a customized starting
|
|
2536
|
+
# time for the validity period.
|
|
2533
2537
|
#
|
|
2534
2538
|
#
|
|
2535
2539
|
#
|
|
@@ -2545,7 +2549,7 @@ module Aws::ACMPCA
|
|
|
2545
2549
|
# those listed below. Type definitions with values include a sample
|
|
2546
2550
|
# input value and the resulting output.
|
|
2547
2551
|
#
|
|
2548
|
-
# `END_DATE
|
|
2552
|
+
# `END_DATE`: The specific date and time when the certificate will
|
|
2549
2553
|
# expire, expressed using UTCTime (YYMMDDHHMMSS) or GeneralizedTime
|
|
2550
2554
|
# (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field
|
|
2551
2555
|
# (YY) is greater than or equal to 50, the year is interpreted as
|
|
@@ -2556,7 +2560,7 @@ module Aws::ACMPCA
|
|
|
2556
2560
|
#
|
|
2557
2561
|
# * Output expiration date/time: 12/31/2049 23:59:59
|
|
2558
2562
|
#
|
|
2559
|
-
# `ABSOLUTE
|
|
2563
|
+
# `ABSOLUTE`: The specific date and time when the validity of a
|
|
2560
2564
|
# certificate will start or expire, expressed in seconds since the
|
|
2561
2565
|
# Unix Epoch.
|
|
2562
2566
|
#
|
|
@@ -2564,7 +2568,7 @@ module Aws::ACMPCA
|
|
|
2564
2568
|
#
|
|
2565
2569
|
# * Output expiration date/time: 01/01/2050 00:00:00
|
|
2566
2570
|
#
|
|
2567
|
-
# `DAYS`, `MONTHS`, `YEARS
|
|
2571
|
+
# `DAYS`, `MONTHS`, `YEARS`: The relative time from the moment of
|
|
2568
2572
|
# issuance until the certificate will expire, expressed in days,
|
|
2569
2573
|
# months, or years.
|
|
2570
2574
|
#
|
data/lib/aws-sdk-acmpca.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-acmpca
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.55.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-06-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
@@ -19,7 +19,7 @@ dependencies:
|
|
|
19
19
|
version: '3'
|
|
20
20
|
- - ">="
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
|
-
version: 3.
|
|
22
|
+
version: 3.174.0
|
|
23
23
|
type: :runtime
|
|
24
24
|
prerelease: false
|
|
25
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -29,7 +29,7 @@ dependencies:
|
|
|
29
29
|
version: '3'
|
|
30
30
|
- - ">="
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: 3.
|
|
32
|
+
version: 3.174.0
|
|
33
33
|
- !ruby/object:Gem::Dependency
|
|
34
34
|
name: aws-sigv4
|
|
35
35
|
requirement: !ruby/object:Gem::Requirement
|