RubyGems - aws-sdk-acmpca - Versions diffs - 1.82.0 → 1.84.0 - Mend

aws-sdk-acmpca 1.82.0 → 1.84.0

Files changed (10) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/VERSION +1 -1
data/lib/aws-sdk-acmpca/client.rb +53 -45
data/lib/aws-sdk-acmpca/endpoint_parameters.rb +9 -6
data/lib/aws-sdk-acmpca/endpoints.rb +2 -251
data/lib/aws-sdk-acmpca/plugins/endpoints.rb +1 -52
data/lib/aws-sdk-acmpca/types.rb +26 -17
data/lib/aws-sdk-acmpca.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d40f57fc25730101a992c2e0e26fcf001ed1c9506415c54fe11291a503a089e9
-  data.tar.gz: 372d4e963017b66b600b1ada6b89d31dad8c9483718c3a398958bddcb55b73d9
+  metadata.gz: 2c3f6291185b5ed56182b0fd13a92a72e65e447cf901cbd2b3222abb32e491b2
+  data.tar.gz: b072cb5567532a7d7395bb09c8caa0610b8185ca00439fbcab77f55870da7d9c
 SHA512:
-  metadata.gz: f090474503debe116dacf72f2ee441b17e02f762b804559a8fe903dd7c505e62fd950a4270eda5af952ae7989f3ba61f8cf7efe1da7874a2b5d6ef87caf40164
-  data.tar.gz: f228527bc2e52b6b06c991500a89b55a8e46aaff30309dd03bc487f797fcef08a195cd00e5642a3b0795eda6eda10e9edc21ac8042c0349ae26dc366291f133d
+  metadata.gz: ee153da3a1145479d0b186f1117dd15eb80a0ceb468a5e949a844482cf46c8d5d02d23bf7c17db35d8df3060fc9e5546e6b6b4ff21f7e5259739e0c1a8afcce4
+  data.tar.gz: 1ff6a6d1636e0d7fece86d7305f6fd0862fe36d67d95a71b348f08b3ba466c244d5f6bd39b2b20f1b74255dd0fa94dd9e651fde869aaf99dc293a17d7d08dd2e

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
+1.84.0 (2024-10-18)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.83.0 (2024-10-10)
+------------------
+* Feature - Documentation updates for AWS Private CA.
 1.82.0 (2024-09-24)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.82.0
1	+ 1.84.0

data/lib/aws-sdk-acmpca/client.rb CHANGED Viewed

@@ -491,14 +491,14 @@ module Aws::ACMPCA
     #   signing algorithm, and X.500 certificate subject information.
     #
     # @option params [Types::RevocationConfiguration] :revocation_configuration
-    #   Contains information to enable Online Certificate Status Protocol
-    #   (OCSP) support, to enable a certificate revocation list (CRL), to
-    #   enable both, or to enable neither. The default is for both certificate
-    #   validation mechanisms to be disabled.
+    #   Contains information to enable support for Online Certificate Status
+    #   Protocol (OCSP), certificate revocation list (CRL), both protocols, or
+    #   neither. By default, both certificate validation mechanisms are
+    #   disabled.
     #
-    #   <note markdown="1"> The following requirements apply to revocation configurations.
+    #   The following requirements apply to revocation configurations.
     #
-    #    * A configuration disabling CRLs or OCSP must contain only the
+    #   * A configuration disabling CRLs or OCSP must contain only the
     #     `Enabled=False` parameter, and will fail if other parameters such as
     #     `CustomCname` or `ExpirationInDays` are included.
     #
@@ -512,8 +512,6 @@ module Aws::ACMPCA
     #   * In a CRL or OCSP configuration, the value of a CNAME parameter must
     #     not include a protocol prefix such as "http://" or "https://".
     #
-    #    </note>
-    #
     #   For more information, see the [OcspConfiguration][3] and
     #   [CrlConfiguration][4] types.
     #
@@ -713,17 +711,13 @@ module Aws::ACMPCA
     end
     # Creates an audit report that lists every time that your CA private key
-    # is used. The report is saved in the Amazon S3 bucket that you specify
-    # on input. The [IssueCertificate][1] and [RevokeCertificate][2] actions
-    # use the private key.
-    #
-    # <note markdown="1"> Both Amazon Web Services Private CA and the IAM principal must have
-    # permission to write to the S3 bucket that you specify. If the IAM
-    # principal making the call does not have permission to write to the
-    # bucket, then an exception is thrown. For more information, see [Access
-    # policies for CRLs in Amazon S3][3].
+    # is used to issue a certificate. The [IssueCertificate][1] and
+    # [RevokeCertificate][2] actions use the private key.
     #
-    #  </note>
+    # To save the audit report to your designated Amazon S3 bucket, you must
+    # create a bucket policy that grants Amazon Web Services Private CA
+    # permission to access and write to it. For an example policy, see
+    # [Prepare an Amazon S3 bucket for audit reports][3].
     #
     # Amazon Web Services Private CA assets that are stored in Amazon S3 can
     # be protected with encryption. For more information, see [Encrypting
@@ -737,7 +731,7 @@ module Aws::ACMPCA
     #
     # [1]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_IssueCertificate.html
     # [2]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html
-    # [3]: https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html#s3-policies
+    # [3]: https://docs.aws.amazon.com/privateca/latest/userguide/PcaAuditReport.html#s3-access
     # [4]: https://docs.aws.amazon.com/privateca/latest/userguide/PcaAuditReport.html#audit-report-encryption
     #
     # @option params [required, String] :certificate_authority_arn
@@ -1549,44 +1543,46 @@ module Aws::ACMPCA
     # Amazon Web Services Private CA allows the following extensions to be
     # marked critical in the imported CA certificate or chain.
     #
-    # * Basic constraints (*must* be marked critical)
+    # * Authority key identifier
     #
-    # * Subject alternative names
+    # * Basic constraints (*must* be marked critical)
     #
-    # * Key usage
+    # * Certificate policies
     #
     # * Extended key usage
     #
-    # * Authority key identifier
-    #
-    # * Subject key identifier
+    # * Inhibit anyPolicy
     #
     # * Issuer alternative name
     #
-    # * Subject directory attributes
-    #
-    # * Subject information access
+    # * Key usage
     #
-    # * Certificate policies
+    # * Name constraints
     #
     # * Policy mappings
     #
-    # * Inhibit anyPolicy
+    # * Subject alternative name
     #
-    # Amazon Web Services Private CA rejects the following extensions when
-    # they are marked critical in an imported CA certificate or chain.
+    # * Subject directory attributes
     #
-    # * Name constraints
+    # * Subject key identifier
     #
-    # * Policy constraints
+    # * Subject information access
     #
-    # * CRL distribution points
+    # Amazon Web Services Private CA rejects the following extensions when
+    # they are marked critical in an imported CA certificate or chain.
     #
     # * Authority information access
     #
+    # * CRL distribution points
+    #
     # * Freshest CRL
     #
-    # * Any other extension
+    # * Policy constraints
+    #
+    # Amazon Web Services Private Certificate Authority will also reject any
+    # other extension marked as critical not contained on the preceding list
+    # of allowed extensions.
     #
     #
     #
@@ -2572,15 +2568,15 @@ module Aws::ACMPCA
     #   `
     #
     # @option params [Types::RevocationConfiguration] :revocation_configuration
-    #   Contains information to enable Online Certificate Status Protocol
-    #   (OCSP) support, to enable a certificate revocation list (CRL), to
-    #   enable both, or to enable neither. If this parameter is not supplied,
-    #   existing capibilites remain unchanged. For more information, see the
-    #   [OcspConfiguration][1] and [CrlConfiguration][2] types.
+    #   Contains information to enable support for Online Certificate Status
+    #   Protocol (OCSP), certificate revocation list (CRL), both protocols, or
+    #   neither. If you don't supply this parameter, existing capibilites
+    #   remain unchanged. For more information, see the [OcspConfiguration][1]
+    #   and [CrlConfiguration][2] types.
     #
-    #   <note markdown="1"> The following requirements apply to revocation configurations.
+    #   The following requirements apply to revocation configurations.
     #
-    #    * A configuration disabling CRLs or OCSP must contain only the
+    #   * A configuration disabling CRLs or OCSP must contain only the
     #     `Enabled=False` parameter, and will fail if other parameters such as
     #     `CustomCname` or `ExpirationInDays` are included.
     #
@@ -2594,7 +2590,17 @@ module Aws::ACMPCA
     #   * In a CRL or OCSP configuration, the value of a CNAME parameter must
     #     not include a protocol prefix such as "http://" or "https://".
     #
-    #    </note>
+    #   If you update the `S3BucketName` of [CrlConfiguration][2], you can
+    #   break revocation for existing certificates. In other words, if you
+    #   call [UpdateCertificateAuthority][5] to update the CRL
+    #   configuration's S3 bucket name, Amazon Web Services Private CA only
+    #   writes CRLs to the new S3 bucket. Certificates issued prior to this
+    #   point will have the old S3 bucket name in your CRL Distribution Point
+    #   (CDP) extension, essentially breaking revocation. If you must update
+    #   the S3 bucket, you'll need to reissue old certificates to keep the
+    #   revocation working. Alternatively, you can use a [CustomCname][6] in
+    #   your CRL configuration if you might need to change the S3 bucket name
+    #   in the future.
     #
     #
     #
@@ -2602,6 +2608,8 @@ module Aws::ACMPCA
     #   [2]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html
     #   [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html
     #   [4]: https://www.ietf.org/rfc/rfc2396.txt
+    #   [5]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html
+    #   [6]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html#privateca-Type-CrlConfiguration-CustomCname
     #
     # @option params [String] :status
     #   Status of your private CA.
@@ -2658,7 +2666,7 @@ module Aws::ACMPCA
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-acmpca'
-      context[:gem_version] = '1.82.0'
+      context[:gem_version] = '1.84.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-acmpca/endpoint_parameters.rb CHANGED Viewed

@@ -52,15 +52,18 @@ module Aws::ACMPCA
       self[:region] = options[:region]
       self[:use_dual_stack] = options[:use_dual_stack]
       self[:use_dual_stack] = false if self[:use_dual_stack].nil?
-      if self[:use_dual_stack].nil?
-        raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
-      end
       self[:use_fips] = options[:use_fips]
       self[:use_fips] = false if self[:use_fips].nil?
-      if self[:use_fips].nil?
-        raise ArgumentError, "Missing required EndpointParameter: :use_fips"
-      end
       self[:endpoint] = options[:endpoint]
     end
+    def self.create(config, options={})
+      new({
+        region: config.region,
+        use_dual_stack: config.use_dualstack_endpoint,
+        use_fips: config.use_fips_endpoint,
+        endpoint: (config.endpoint.to_s unless config.regional_endpoint),
+      }.merge(options))
+    end
   end
 end

data/lib/aws-sdk-acmpca/endpoints.rb CHANGED Viewed

@@ -12,258 +12,9 @@ module Aws::ACMPCA
   # @api private
   module Endpoints
-    class CreateCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class CreateCertificateAuthorityAuditReport
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class CreatePermission
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class DeleteCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class DeletePermission
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class DeletePolicy
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class DescribeCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class DescribeCertificateAuthorityAuditReport
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class GetCertificate
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class GetCertificateAuthorityCertificate
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class GetCertificateAuthorityCsr
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class GetPolicy
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class ImportCertificateAuthorityCertificate
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class IssueCertificate
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class ListCertificateAuthorities
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class ListPermissions
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class ListTags
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class PutPolicy
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
+    def self.parameters_for_operation(context)
+      Aws::ACMPCA::EndpointParameters.create(context.config)
     end
-    class RestoreCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class RevokeCertificate
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class TagCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class UntagCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
-    class UpdateCertificateAuthority
-      def self.build(context)
-        Aws::ACMPCA::EndpointParameters.new(
-          region: context.config.region,
-          use_dual_stack: context.config.use_dualstack_endpoint,
-          use_fips: context.config.use_fips_endpoint,
-          endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
-        )
-      end
-    end
   end
 end

data/lib/aws-sdk-acmpca/plugins/endpoints.rb CHANGED Viewed

@@ -27,7 +27,7 @@ The endpoint provider used to resolve endpoints. Any object that responds to
       class Handler < Seahorse::Client::Handler
         def call(context)
           unless context[:discovered_endpoint]
-            params = parameters_for_operation(context)
+            params = Aws::ACMPCA::Endpoints.parameters_for_operation(context)
             endpoint = context.config.endpoint_provider.resolve_endpoint(params)
             context.http_request.endpoint = endpoint.url
@@ -67,57 +67,6 @@ The endpoint provider used to resolve endpoints. Any object that responds to
             context.http_request.headers[key] = value
           end
         end
-        def parameters_for_operation(context)
-          case context.operation_name
-          when :create_certificate_authority
-            Aws::ACMPCA::Endpoints::CreateCertificateAuthority.build(context)
-          when :create_certificate_authority_audit_report
-            Aws::ACMPCA::Endpoints::CreateCertificateAuthorityAuditReport.build(context)
-          when :create_permission
-            Aws::ACMPCA::Endpoints::CreatePermission.build(context)
-          when :delete_certificate_authority
-            Aws::ACMPCA::Endpoints::DeleteCertificateAuthority.build(context)
-          when :delete_permission
-            Aws::ACMPCA::Endpoints::DeletePermission.build(context)
-          when :delete_policy
-            Aws::ACMPCA::Endpoints::DeletePolicy.build(context)
-          when :describe_certificate_authority
-            Aws::ACMPCA::Endpoints::DescribeCertificateAuthority.build(context)
-          when :describe_certificate_authority_audit_report
-            Aws::ACMPCA::Endpoints::DescribeCertificateAuthorityAuditReport.build(context)
-          when :get_certificate
-            Aws::ACMPCA::Endpoints::GetCertificate.build(context)
-          when :get_certificate_authority_certificate
-            Aws::ACMPCA::Endpoints::GetCertificateAuthorityCertificate.build(context)
-          when :get_certificate_authority_csr
-            Aws::ACMPCA::Endpoints::GetCertificateAuthorityCsr.build(context)
-          when :get_policy
-            Aws::ACMPCA::Endpoints::GetPolicy.build(context)
-          when :import_certificate_authority_certificate
-            Aws::ACMPCA::Endpoints::ImportCertificateAuthorityCertificate.build(context)
-          when :issue_certificate
-            Aws::ACMPCA::Endpoints::IssueCertificate.build(context)
-          when :list_certificate_authorities
-            Aws::ACMPCA::Endpoints::ListCertificateAuthorities.build(context)
-          when :list_permissions
-            Aws::ACMPCA::Endpoints::ListPermissions.build(context)
-          when :list_tags
-            Aws::ACMPCA::Endpoints::ListTags.build(context)
-          when :put_policy
-            Aws::ACMPCA::Endpoints::PutPolicy.build(context)
-          when :restore_certificate_authority
-            Aws::ACMPCA::Endpoints::RestoreCertificateAuthority.build(context)
-          when :revoke_certificate
-            Aws::ACMPCA::Endpoints::RevokeCertificate.build(context)
-          when :tag_certificate_authority
-            Aws::ACMPCA::Endpoints::TagCertificateAuthority.build(context)
-          when :untag_certificate_authority
-            Aws::ACMPCA::Endpoints::UntagCertificateAuthority.build(context)
-          when :update_certificate_authority
-            Aws::ACMPCA::Endpoints::UpdateCertificateAuthority.build(context)
-          end
-        end
       end
       def add_handlers(handlers, _config)

data/lib/aws-sdk-acmpca/types.rb CHANGED Viewed

@@ -466,14 +466,14 @@ module Aws::ACMPCA
     #   @return [Types::CertificateAuthorityConfiguration]
     #
     # @!attribute [rw] revocation_configuration
-    #   Contains information to enable Online Certificate Status Protocol
-    #   (OCSP) support, to enable a certificate revocation list (CRL), to
-    #   enable both, or to enable neither. The default is for both
-    #   certificate validation mechanisms to be disabled.
+    #   Contains information to enable support for Online Certificate Status
+    #   Protocol (OCSP), certificate revocation list (CRL), both protocols,
+    #   or neither. By default, both certificate validation mechanisms are
+    #   disabled.
     #
-    #   <note markdown="1"> The following requirements apply to revocation configurations.
+    #   The following requirements apply to revocation configurations.
     #
-    #    * A configuration disabling CRLs or OCSP must contain only the
+    #   * A configuration disabling CRLs or OCSP must contain only the
     #     `Enabled=False` parameter, and will fail if other parameters such
     #     as `CustomCname` or `ExpirationInDays` are included.
     #
@@ -488,8 +488,6 @@ module Aws::ACMPCA
     #     must not include a protocol prefix such as "http://" or
     #     "https://".
     #
-    #    </note>
-    #
     #   For more information, see the [OcspConfiguration][3] and
     #   [CrlConfiguration][4] types.
     #
@@ -2518,16 +2516,15 @@ module Aws::ACMPCA
     #   @return [String]
     #
     # @!attribute [rw] revocation_configuration
-    #   Contains information to enable Online Certificate Status Protocol
-    #   (OCSP) support, to enable a certificate revocation list (CRL), to
-    #   enable both, or to enable neither. If this parameter is not
-    #   supplied, existing capibilites remain unchanged. For more
-    #   information, see the [OcspConfiguration][1] and
-    #   [CrlConfiguration][2] types.
+    #   Contains information to enable support for Online Certificate Status
+    #   Protocol (OCSP), certificate revocation list (CRL), both protocols,
+    #   or neither. If you don't supply this parameter, existing
+    #   capibilites remain unchanged. For more information, see the
+    #   [OcspConfiguration][1] and [CrlConfiguration][2] types.
     #
-    #   <note markdown="1"> The following requirements apply to revocation configurations.
+    #   The following requirements apply to revocation configurations.
     #
-    #    * A configuration disabling CRLs or OCSP must contain only the
+    #   * A configuration disabling CRLs or OCSP must contain only the
     #     `Enabled=False` parameter, and will fail if other parameters such
     #     as `CustomCname` or `ExpirationInDays` are included.
     #
@@ -2542,7 +2539,17 @@ module Aws::ACMPCA
     #     must not include a protocol prefix such as "http://" or
     #     "https://".
     #
-    #    </note>
+    #   If you update the `S3BucketName` of [CrlConfiguration][2], you can
+    #   break revocation for existing certificates. In other words, if you
+    #   call [UpdateCertificateAuthority][5] to update the CRL
+    #   configuration's S3 bucket name, Amazon Web Services Private CA only
+    #   writes CRLs to the new S3 bucket. Certificates issued prior to this
+    #   point will have the old S3 bucket name in your CRL Distribution
+    #   Point (CDP) extension, essentially breaking revocation. If you must
+    #   update the S3 bucket, you'll need to reissue old certificates to
+    #   keep the revocation working. Alternatively, you can use a
+    #   [CustomCname][6] in your CRL configuration if you might need to
+    #   change the S3 bucket name in the future.
     #
     #
     #
@@ -2550,6 +2557,8 @@ module Aws::ACMPCA
     #   [2]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html
     #   [3]: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html
     #   [4]: https://www.ietf.org/rfc/rfc2396.txt
+    #   [5]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html
+    #   [6]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html#privateca-Type-CrlConfiguration-CustomCname
     #   @return [Types::RevocationConfiguration]
     #
     # @!attribute [rw] status

data/lib/aws-sdk-acmpca.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module Aws::ACMPCA
   autoload :EndpointProvider, 'aws-sdk-acmpca/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-acmpca/endpoints'
-  GEM_VERSION = '1.82.0'
+  GEM_VERSION = '1.84.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acmpca
 version: !ruby/object:Gem::Version
-  version: 1.82.0
+  version: 1.84.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-09-24 00:00:00.000000000 Z
+date: 2024-10-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.207.0
+        version: 3.210.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.207.0
+        version: 3.210.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement