aws-sdk-acmpca 1.62.0 → 1.64.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-acmpca/client.rb +13 -2
- data/lib/aws-sdk-acmpca/client_api.rb +5 -0
- data/lib/aws-sdk-acmpca/endpoint_provider.rb +2 -2
- data/lib/aws-sdk-acmpca/plugins/endpoints.rb +3 -2
- data/lib/aws-sdk-acmpca/types.rb +48 -4
- data/lib/aws-sdk-acmpca/waiters.rb +3 -3
- data/lib/aws-sdk-acmpca.rb +1 -1
- metadata +6 -6
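--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9c2dc1b13bf72b27110239fe9f1704a041676797a636eaf06eb2cebebf2c1242
+data.tar.gz: 125ad485e426592f322f07e6e2402c9e276bd0d4fdf7a81ac01f6fbc195c761e
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8f79074de0527480c20e9e24cfc247eb65cc6b4230410be6d7e0aeff760fa7bf0c5a7fec2e0048bffad19b99f01301b0b04c3c1b4ad3869ec646de5592096067
+data.tar.gz: 7706bb871ff81f60f28c51de191cdf6f793c95a688f77107b434b3057a1a0517850f06597205b4380dea07d9c0b3f1f0807169bddc76e895a55ebbbb7b076cdf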
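--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.64.0 (2024-01-25)
+------------------
+
+* Feature - AWS Private CA now supports an option to omit the CDP extension from issued certificates, when CRL revocation is enabled.
+
+1.63.0 (2023-11-28)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.62.0 (2023-11-22)
 ------------------
 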
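--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.
+1.64.0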
@@ -622,6 +622,9 @@ module Aws::ACMPCA
|
|
622
622
|
# custom_cname: "CnameString",
|
623
623
|
# s3_bucket_name: "S3BucketName3To255",
|
624
624
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
625
|
+
# crl_distribution_point_extension_configuration: {
|
626
|
+
# omit_extension: false, # required
|
627
|
+
# },
|
625
628
|
# },
|
626
629
|
# ocsp_configuration: {
|
627
630
|
# enabled: false, # required
|
@@ -1138,6 +1141,7 @@ module Aws::ACMPCA
|
|
1138
1141
|
# resp.certificate_authority.revocation_configuration.crl_configuration.custom_cname #=> String
|
1139
1142
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
1140
1143
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
|
1144
|
+
# resp.certificate_authority.revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration.omit_extension #=> Boolean
|
1141
1145
|
# resp.certificate_authority.revocation_configuration.ocsp_configuration.enabled #=> Boolean
|
1142
1146
|
# resp.certificate_authority.revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
|
1143
1147
|
# resp.certificate_authority.restorable_until #=> Time
|
@@ -1886,6 +1890,9 @@ module Aws::ACMPCA
|
|
1886
1890
|
# sent in the response. Use this `NextToken` value in a subsequent
|
1887
1891
|
# request to retrieve additional items.
|
1888
1892
|
#
|
1893
|
+
# Although the maximum value is 1000, the action only returns a maximum
|
1894
|
+
# of 100 items.
|
1895
|
+
#
|
1889
1896
|
# @option params [String] :resource_owner
|
1890
1897
|
# Use this parameter to filter the returned set of certificate
|
1891
1898
|
# authorities based on their owner. The default is SELF.
|
@@ -1980,6 +1987,7 @@ module Aws::ACMPCA
|
|
1980
1987
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.custom_cname #=> String
|
1981
1988
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
1982
1989
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
|
1990
|
+
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration.omit_extension #=> Boolean
|
1983
1991
|
# resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.enabled #=> Boolean
|
1984
1992
|
# resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
|
1985
1993
|
# resp.certificate_authorities[0].restorable_until #=> Time
|
@@ -2555,6 +2563,9 @@ module Aws::ACMPCA
|
|
2555
2563
|
# custom_cname: "CnameString",
|
2556
2564
|
# s3_bucket_name: "S3BucketName3To255",
|
2557
2565
|
# s3_object_acl: "PUBLIC_READ", # accepts PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL
|
2566
|
+
# crl_distribution_point_extension_configuration: {
|
2567
|
+
# omit_extension: false, # required
|
2568
|
+
# },
|
2558
2569
|
# },
|
2559
2570
|
# ocsp_configuration: {
|
2560
2571
|
# enabled: false, # required
|
@@ -2586,7 +2597,7 @@ module Aws::ACMPCA
|
|
2586
2597
|
params: params,
|
2587
2598
|
config: config)
|
2588
2599
|
context[:gem_name] = 'aws-sdk-acmpca'
|
2589
|
-
context[:gem_version] = '1.
|
2600
|
+
context[:gem_version] = '1.64.0'
|
2590
2601
|
Seahorse::Client::Request.new(handlers, context)
|
2591
2602
|
end
|
2592
2603
|
|
@@ -2656,7 +2667,7 @@ module Aws::ACMPCA
|
|
2656
2667
|
# | --------------------------------- | ---------------------------------------------------- | -------- | ------------- |
|
2657
2668
|
# | audit_report_created | {Client#describe_certificate_authority_audit_report} | 3 | 60 |
|
2658
2669
|
# | certificate_authority_csr_created | {Client#get_certificate_authority_csr} | 3 | 60 |
|
2659
|
-
# | certificate_issued | {Client#get_certificate} |
|
2670
|
+
# | certificate_issued | {Client#get_certificate} | 1 | 60 |
|
2660
2671
|
#
|
2661
2672
|
# @raise [Errors::FailureStateError] Raised when the waiter terminates
|
2662
2673
|
# because the waiter has entered a state that it will not transition
|
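Review bot: The request-syntax example at new lines 625-627 (and again at 2566-2568) lists `crl_distribution_point_extension_configuration` next to `custom_cname: "CnameString"` without mentioning that the two interact; the type documentation shipped in this same release states that this configuration cannot be enabled with a custom CNAME set. A reader who copies the example and flips the flag will presumably get a rejected request. The trailing comment could carry the constraint: `omit_extension: false, # required; cannot be true when custom_cname is set`. These are comment-only hunks and the methods they document lie outside them.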
@@ -51,6 +51,7 @@ module Aws::ACMPCA
|
|
51
51
|
CreateCertificateAuthorityResponse = Shapes::StructureShape.new(name: 'CreateCertificateAuthorityResponse')
|
52
52
|
CreatePermissionRequest = Shapes::StructureShape.new(name: 'CreatePermissionRequest')
|
53
53
|
CrlConfiguration = Shapes::StructureShape.new(name: 'CrlConfiguration')
|
54
|
+
CrlDistributionPointExtensionConfiguration = Shapes::StructureShape.new(name: 'CrlDistributionPointExtensionConfiguration')
|
54
55
|
CsrBlob = Shapes::BlobShape.new(name: 'CsrBlob')
|
55
56
|
CsrBody = Shapes::StringShape.new(name: 'CsrBody')
|
56
57
|
CsrExtensions = Shapes::StructureShape.new(name: 'CsrExtensions')
|
@@ -258,8 +259,12 @@ module Aws::ACMPCA
|
|
258
259
|
CrlConfiguration.add_member(:custom_cname, Shapes::ShapeRef.new(shape: CnameString, location_name: "CustomCname"))
|
259
260
|
CrlConfiguration.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape: S3BucketName3To255, location_name: "S3BucketName"))
|
260
261
|
CrlConfiguration.add_member(:s3_object_acl, Shapes::ShapeRef.new(shape: S3ObjectAcl, location_name: "S3ObjectAcl"))
|
262
|
+
CrlConfiguration.add_member(:crl_distribution_point_extension_configuration, Shapes::ShapeRef.new(shape: CrlDistributionPointExtensionConfiguration, location_name: "CrlDistributionPointExtensionConfiguration"))
|
261
263
|
CrlConfiguration.struct_class = Types::CrlConfiguration
|
262
264
|
|
265
|
+
CrlDistributionPointExtensionConfiguration.add_member(:omit_extension, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "OmitExtension", metadata: {"box"=>true}))
|
266
|
+
CrlDistributionPointExtensionConfiguration.struct_class = Types::CrlDistributionPointExtensionConfiguration
|
267
|
+
|
263
268
|
CsrExtensions.add_member(:key_usage, Shapes::ShapeRef.new(shape: KeyUsage, location_name: "KeyUsage"))
|
264
269
|
CsrExtensions.add_member(:subject_information_access, Shapes::ShapeRef.new(shape: AccessDescriptionList, location_name: "SubjectInformationAccess"))
|
265
270
|
CsrExtensions.struct_class = Types::CsrExtensions
|
@@ -32,8 +32,8 @@ module Aws::ACMPCA
|
|
32
32
|
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
33
33
|
end
|
34
34
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
35
|
-
if Aws::Endpoints::Matchers.boolean_equals?(
|
36
|
-
if Aws::Endpoints::Matchers.string_equals?(
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
|
36
|
+
if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
|
37
37
|
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.amazonaws.com", headers: {}, properties: {})
|
38
38
|
end
|
39
39
|
return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
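Review bot: Inside the `use_fips` branch, the new `aws-us-gov` case returns `https://acm-pca.#{region}.amazonaws.com`, a hostname with no `-fips` label and a hard-coded `amazonaws.com` suffix instead of `partition_result['dnsSuffix']`, and nothing in the hunk says why. This is presumably intentional (the removed conditions are truncated in this rendering, so what changed in them cannot be seen), but anyone who audits FIPS usage by hostname will read the resulting traffic as a non-FIPS call. I would add a comment above that return, for example `# aws-us-gov: FIPS requests resolve to the standard regional hostname; confirm against the service endpoint ruleset`. The enclosing method starts and ends outside the hunk.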
@@ -25,16 +25,17 @@ module Aws::ACMPCA
|
|
25
25
|
# @api private
|
26
26
|
class Handler < Seahorse::Client::Handler
|
27
27
|
def call(context)
|
28
|
-
# If endpoint was discovered, do not resolve or apply the endpoint.
|
29
28
|
unless context[:discovered_endpoint]
|
30
29
|
params = parameters_for_operation(context)
|
31
30
|
endpoint = context.config.endpoint_provider.resolve_endpoint(params)
|
32
31
|
|
33
32
|
context.http_request.endpoint = endpoint.url
|
34
33
|
apply_endpoint_headers(context, endpoint.headers)
|
34
|
+
|
35
|
+
context[:endpoint_params] = params
|
36
|
+
context[:endpoint_properties] = endpoint.properties
|
35
37
|
end
|
36
38
|
|
37
|
-
context[:endpoint_params] = params
|
38
39
|
context[:auth_scheme] =
|
39
40
|
Aws::Endpoints.resolve_auth_scheme(context, endpoint)
|
40
41
|
|
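Review bot: `endpoint` is assigned only inside the `unless context[:discovered_endpoint]` block, yet `Aws::Endpoints.resolve_auth_scheme(context, endpoint)` after the block still reads it, so on the discovered-endpoint path it is `nil` when the auth scheme is chosen. Moving `context[:endpoint_params] = params` into the block stops a `nil` being stored there, but `context[:endpoint_params]` and the new `context[:endpoint_properties]` are now simply absent on that path, and the comment that explained the guard was dropped. I would keep `# If endpoint was discovered, do not resolve or apply the endpoint.` above the `unless` and confirm that `resolve_auth_scheme` and any later handler reading those two context keys tolerate the missing values; neither is visible here. `Handler#call` continues past the end of the hunk.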
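--- a/data/lib/aws-sdk-acmpca/types.rb
+++ b/data/lib/aws-sdk-acmpca/types.rb
@@ -640,9 +640,12 @@ module Aws::ACMPCA
 # Your private CA writes CRLs to an S3 bucket that you specify in the
 # **S3BucketName** parameter. You can hide the name of your bucket by
 # specifying a value for the **CustomCname** parameter. Your private CA
-# copies the CNAME or the S3 bucket name to the **CRL
-# Points** extension of each certificate it issues.
-#
+# by default copies the CNAME or the S3 bucket name to the **CRL
+# Distribution Points** extension of each certificate it issues. If you
+# want to configure this default behavior to be something different, you
+# can set the **CrlDistributionPointExtensionConfiguration** parameter.
+# Your S3 bucket policy must give write permission to Amazon Web
+# Services Private CA.
 #
 # Amazon Web Services Private CA assets that are stored in Amazon S3 can
 # be protected with encryption. For more information, see [Encrypting
@@ -798,6 +801,13 @@ module Aws::ACMPCA
 # [1]: https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa
 # @return [String]
 #
+# @!attribute [rw] crl_distribution_point_extension_configuration
+# Configures the behavior of the CRL Distribution Point extension for
+# certificates issued by your certificate authority. If this field is
+# not provided, then the CRl Distribution Point Extension will be
+# present and contain the default CRL URL.
+# @return [Types::CrlDistributionPointExtensionConfiguration]
+#
 # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CrlConfiguration AWS API Documentation
 #
 class CrlConfiguration < Struct.new(
@@ -805,7 +815,38 @@ module Aws::ACMPCA
 :expiration_in_days,
 :custom_cname,
 :s3_bucket_name,
-:s3_object_acl
+:s3_object_acl,
+:crl_distribution_point_extension_configuration)
+SENSITIVE = []
+include Aws::Structure
+end
+
+# Contains configuration information for the default behavior of the CRL
+# Distribution Point (CDP) extension in certificates issued by your CA.
+# This extension contains a link to download the CRL, so you can check
+# whether a certificate has been revoked. To choose whether you want
+# this extension omitted or not in certificates issued by your CA, you
+# can set the **OmitExtension** parameter.
+#
+# @!attribute [rw] omit_extension
+# Configures whether the CRL Distribution Point extension should be
+# populated with the default URL to the CRL. If set to `true`, then
+# the CDP extension will not be present in any certificates issued by
+# that CA unless otherwise specified through CSR or API passthrough.
+#
+# <note markdown="1"> Only set this if you have another way to distribute the CRL
+# Distribution Points ffor certificates issued by your CA, such as the
+# Matter Distributed Compliance Ledger
+#
+# This configuration cannot be enabled with a custom CNAME set.
+#
+# </note>
+# @return [Boolean]
+#
+# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CrlDistributionPointExtensionConfiguration AWS API Documentation
+#
+class CrlDistributionPointExtensionConfiguration < Struct.new(
+:omit_extension)
 SENSITIVE = []
 include Aws::Structure
 end
@@ -1785,6 +1826,9 @@ module Aws::ACMPCA
 # additional items exist beyond the number you specify, the
 # `NextToken` element is sent in the response. Use this `NextToken`
 # value in a subsequent request to retrieve additional items.
+#
+# Although the maximum value is 1000, the action only returns a
+# maximum of 100 items.
 # @return [Integer]
 #
 # @!attribute [rw] resource_owner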
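Review bot: The new `omit_extension` documentation (new lines 832-843) tells operators to set the flag only when the CRL location is distributed some other way, but it never states what happens otherwise: with the extension omitted, an issued certificate carries no CRL location, so a relying party that finds the CRL through the CDP has nothing to fetch and may skip the revocation check, depending on the client. I would add a sentence such as `# Certificates issued with the extension omitted carry no CRL location; relying parties must be given it out of band.` The same comment block has two typos worth fixing, `ffor` at new line 838 and `CRl` at new line 807, and the sentence ending `Matter Distributed Compliance Ledger` lacks a full stop.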
@@ -71,7 +71,7 @@ module Aws::ACMPCA
|
|
71
71
|
# | --------------------------------- | ---------------------------------------------------- | -------- | ------------- |
|
72
72
|
# | audit_report_created | {Client#describe_certificate_authority_audit_report} | 3 | 60 |
|
73
73
|
# | certificate_authority_csr_created | {Client#get_certificate_authority_csr} | 3 | 60 |
|
74
|
-
# | certificate_issued | {Client#get_certificate} |
|
74
|
+
# | certificate_issued | {Client#get_certificate} | 1 | 60 |
|
75
75
|
#
|
76
76
|
module Waiters
|
77
77
|
|
@@ -169,14 +169,14 @@ module Aws::ACMPCA
|
|
169
169
|
# @param [Hash] options
|
170
170
|
# @option options [required, Client] :client
|
171
171
|
# @option options [Integer] :max_attempts (60)
|
172
|
-
# @option options [Integer] :delay (
|
172
|
+
# @option options [Integer] :delay (1)
|
173
173
|
# @option options [Proc] :before_attempt
|
174
174
|
# @option options [Proc] :before_wait
|
175
175
|
def initialize(options)
|
176
176
|
@client = options.fetch(:client)
|
177
177
|
@waiter = Aws::Waiters::Waiter.new({
|
178
178
|
max_attempts: 60,
|
179
|
-
delay:
|
179
|
+
delay: 1,
|
180
180
|
poller: Aws::Waiters::Poller.new(
|
181
181
|
operation_name: :get_certificate,
|
182
182
|
acceptors: [
|
data/lib/aws-sdk-acmpca.rb
CHANGED
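--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acmpca
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.64.0
 platform: ruby
 authors:
 - Amazon Web Services
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2024-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-core
@@ -73,7 +73,7 @@ licenses:
 metadata:
 source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-acmpca
 changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-acmpca/CHANGELOG.md
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -88,8 +88,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.4.10
+signing_key:
 specification_version: 4
 summary: AWS SDK for Ruby - ACM-PCA
 test_files: []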