RubyGems - aws-sdk-acmpca - Versions diffs - 1.86.0 → 1.88.0 - Mend

aws-sdk-acmpca 1.86.0 → 1.88.0

Files changed (12) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/VERSION +1 -1
data/lib/aws-sdk-acmpca/client.rb +9 -1
data/lib/aws-sdk-acmpca/client_api.rb +4 -0
data/lib/aws-sdk-acmpca/endpoint_provider.rb +14 -18
data/lib/aws-sdk-acmpca/types.rb +41 -1
data/lib/aws-sdk-acmpca/waiters.rb +11 -11
data/lib/aws-sdk-acmpca.rb +1 -1
data/sig/client.rbs +6 -2
data/sig/types.rbs +2 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9746f46d245f29b7bb3747daa0b59d15efa45ead90abcab291562f938ec3bcad
-  data.tar.gz: b38f0fd7c630a0bea17c8ccb9bd5d7468b59e9d83d008b04b7d7bb4c26890e44
+  metadata.gz: c4a3e552a184e56a1b5c444fe9f38ad18e6c6a2d6a19e3fae9302b1570a0e9e0
+  data.tar.gz: 897980aca30d6ca76c84b15419e07a495404e21bf69420d77e6efa24c7681b59
 SHA512:
-  metadata.gz: 1204761ce101b8013c68b6f21ae4600a37ca0b4d6ea660ebded4b206cef4d0275b7ab7aefebacf54143ed42bffac699abd505a22532b4cf86fd7d209414ea430
-  data.tar.gz: 5a7d018411ac44d4cb81bd79170f448bc8ddd597a521f1f871aaffc00757a4e745bab32dab4fa19d33739478386450c0ca34dba1f49c1fdbef659b616a6d92a5
+  metadata.gz: 9b796d157901f2fb3cd5c8877d041ad1b539f94c4e0ea29ca74acd42fc35bc8ada146466a3ede33725df3619f8ce5d954b2aea0ee091914e6f6d0039318c52e8
+  data.tar.gz: 8fd78efd9f98a6276e2de7ae560e68e1740dbdc1d9f8de049b78f19351c3b21321e5bf4d065aab32e620b0e3f7a5e37e70f4996a81a90a558fc6fac257a09e50

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
+1.88.0 (2025-02-11)
+------------------
+* Feature - Private Certificate Authority service now supports Partitioned CRL as a revocation configuration option.
+1.87.0 (2025-02-06)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
 1.86.0 (2025-01-15)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.86.0
1	+ 1.88.0

data/lib/aws-sdk-acmpca/client.rb CHANGED Viewed

@@ -702,6 +702,8 @@ module Aws::ACMPCA
     #         crl_distribution_point_extension_configuration: {
     #           omit_extension: false, # required
     #         },
+    #         crl_type: "COMPLETE", # accepts COMPLETE, PARTITIONED
+    #         custom_path: "CrlPathString",
     #       },
     #       ocsp_configuration: {
     #         enabled: false, # required
@@ -1215,6 +1217,8 @@ module Aws::ACMPCA
     #   resp.certificate_authority.revocation_configuration.crl_configuration.s3_bucket_name #=> String
     #   resp.certificate_authority.revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
     #   resp.certificate_authority.revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration.omit_extension #=> Boolean
+    #   resp.certificate_authority.revocation_configuration.crl_configuration.crl_type #=> String, one of "COMPLETE", "PARTITIONED"
+    #   resp.certificate_authority.revocation_configuration.crl_configuration.custom_path #=> String
     #   resp.certificate_authority.revocation_configuration.ocsp_configuration.enabled #=> Boolean
     #   resp.certificate_authority.revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
     #   resp.certificate_authority.restorable_until #=> Time
@@ -2064,6 +2068,8 @@ module Aws::ACMPCA
     #   resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_bucket_name #=> String
     #   resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
     #   resp.certificate_authorities[0].revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration.omit_extension #=> Boolean
+    #   resp.certificate_authorities[0].revocation_configuration.crl_configuration.crl_type #=> String, one of "COMPLETE", "PARTITIONED"
+    #   resp.certificate_authorities[0].revocation_configuration.crl_configuration.custom_path #=> String
     #   resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.enabled #=> Boolean
     #   resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
     #   resp.certificate_authorities[0].restorable_until #=> Time
@@ -2653,6 +2659,8 @@ module Aws::ACMPCA
     #         crl_distribution_point_extension_configuration: {
     #           omit_extension: false, # required
     #         },
+    #         crl_type: "COMPLETE", # accepts COMPLETE, PARTITIONED
+    #         custom_path: "CrlPathString",
     #       },
     #       ocsp_configuration: {
     #         enabled: false, # required
@@ -2689,7 +2697,7 @@ module Aws::ACMPCA
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-acmpca'
-      context[:gem_version] = '1.86.0'
+      context[:gem_version] = '1.88.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-acmpca/client_api.rb CHANGED Viewed

@@ -53,6 +53,8 @@ module Aws::ACMPCA
     CreatePermissionRequest = Shapes::StructureShape.new(name: 'CreatePermissionRequest')
     CrlConfiguration = Shapes::StructureShape.new(name: 'CrlConfiguration')
     CrlDistributionPointExtensionConfiguration = Shapes::StructureShape.new(name: 'CrlDistributionPointExtensionConfiguration')
+    CrlPathString = Shapes::StringShape.new(name: 'CrlPathString')
+    CrlType = Shapes::StringShape.new(name: 'CrlType')
     CsrBlob = Shapes::BlobShape.new(name: 'CsrBlob')
     CsrBody = Shapes::StringShape.new(name: 'CsrBody')
     CsrExtensions = Shapes::StructureShape.new(name: 'CsrExtensions')
@@ -261,6 +263,8 @@ module Aws::ACMPCA
     CrlConfiguration.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape: S3BucketName3To255, location_name: "S3BucketName"))
     CrlConfiguration.add_member(:s3_object_acl, Shapes::ShapeRef.new(shape: S3ObjectAcl, location_name: "S3ObjectAcl"))
     CrlConfiguration.add_member(:crl_distribution_point_extension_configuration, Shapes::ShapeRef.new(shape: CrlDistributionPointExtensionConfiguration, location_name: "CrlDistributionPointExtensionConfiguration"))
+    CrlConfiguration.add_member(:crl_type, Shapes::ShapeRef.new(shape: CrlType, location_name: "CrlType"))
+    CrlConfiguration.add_member(:custom_path, Shapes::ShapeRef.new(shape: CrlPathString, location_name: "CustomPath"))
     CrlConfiguration.struct_class = Types::CrlConfiguration
     CrlDistributionPointExtensionConfiguration.add_member(:omit_extension, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "OmitExtension", metadata: {"box"=>true}))

data/lib/aws-sdk-acmpca/endpoint_provider.rb CHANGED Viewed

@@ -10,43 +10,39 @@
 module Aws::ACMPCA
   class EndpointProvider
     def resolve_endpoint(parameters)
-      region = parameters.region
-      use_dual_stack = parameters.use_dual_stack
-      use_fips = parameters.use_fips
-      endpoint = parameters.endpoint
-      if Aws::Endpoints::Matchers.set?(endpoint)
-        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+      if Aws::Endpoints::Matchers.set?(parameters.endpoint)
+        if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true)
           raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
         end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+        if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
           raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
         end
-        return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+        return Aws::Endpoints::Endpoint.new(url: parameters.endpoint, headers: {}, properties: {})
       end
-      if Aws::Endpoints::Matchers.set?(region)
-        if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+      if Aws::Endpoints::Matchers.set?(parameters.region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(parameters.region))
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
             if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-              return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+              return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{parameters.region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
           end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_fips, true)
             if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
               if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
-                return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.amazonaws.com", headers: {}, properties: {})
+                return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{parameters.region}.amazonaws.com", headers: {}, properties: {})
               end
-              return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+              return Aws::Endpoints::Endpoint.new(url: "https://acm-pca-fips.#{parameters.region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
           end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+          if Aws::Endpoints::Matchers.boolean_equals?(parameters.use_dual_stack, true)
             if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-              return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+              return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{parameters.region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
             end
             raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
           end
-          return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+          return Aws::Endpoints::Endpoint.new(url: "https://acm-pca.#{parameters.region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
         end
       end
       raise ArgumentError, "Invalid Configuration: Missing Region"

data/lib/aws-sdk-acmpca/types.rb CHANGED Viewed

@@ -804,6 +804,44 @@ module Aws::ACMPCA
     #   present and contain the default CRL URL.
     #   @return [Types::CrlDistributionPointExtensionConfiguration]
     #
+    # @!attribute [rw] crl_type
+    #   Choose whether to use a partitioned or complete CRL. Your choice
+    #   determines the maximum number of certificates that the certificate
+    #   authority can issue and revoke, as described in the [Amazon Web
+    #   Services Private CA quotas][1].
+    #
+    #   * `PARTITIONED` - The default setting. Partitioned CRLs are an
+    #     especially good option for devices that have limited processing
+    #     power or storage capacity, such as certain IoT devices. Compared
+    #     to complete CRLs, partitioned CRLs dramatically increase the
+    #     number of certificates your private CA can issue. Each certificate
+    #     that Amazon Web Services Private CA issues is bound to a specific
+    #     CRL partition through the CRL distribution point (CDP) defined in
+    #     [RFC 5280][2].
+    #
+    #     To make sure that your client fetches the CRL from a valid
+    #     endpoint, we recommend that you programmatically validate that the
+    #     CRL's issuing distribution point (IDP) URI matches the
+    #     certificate's CDP URI. Amazon Web Services Private CA marks the
+    #     IDP extension as critical, which your client must be able to
+    #     process.
+    #
+    #   * `COMPLETE` - Amazon Web Services Private CA maintains a single CRL
+    #     file for all unexpired certificates issued by a CA that have been
+    #     revoked for any reason.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca-connector-ad
+    #   [2]: https://datatracker.ietf.org/doc/html/rfc5280
+    #   @return [String]
+    #
+    # @!attribute [rw] custom_path
+    #   Designates a custom file path in S3 for CRL(s). For example,
+    #   `http://<CustomName>/<CustomPath>/<CrlPartition_GUID>.crl`. You can
+    #   change the custom path up to five times.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CrlConfiguration AWS API Documentation
     #
     class CrlConfiguration < Struct.new(
@@ -812,7 +850,9 @@ module Aws::ACMPCA
       :custom_cname,
       :s3_bucket_name,
       :s3_object_acl,
-      :crl_distribution_point_extension_configuration)
+      :crl_distribution_point_extension_configuration,
+      :crl_type,
+      :custom_path)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-acmpca/waiters.rb CHANGED Viewed

@@ -93,20 +93,20 @@ module Aws::ACMPCA
             operation_name: :describe_certificate_authority_audit_report,
             acceptors: [
               {
-                "state" => "success",
                 "matcher" => "path",
                 "argument" => "audit_report_status",
+                "state" => "success",
                 "expected" => "SUCCESS"
               },
               {
-                "state" => "failure",
                 "matcher" => "path",
                 "argument" => "audit_report_status",
+                "state" => "failure",
                 "expected" => "FAILED"
               },
               {
-                "state" => "failure",
                 "matcher" => "error",
+                "state" => "failure",
                 "expected" => "AccessDeniedException"
               }
             ]
@@ -143,18 +143,18 @@ module Aws::ACMPCA
             operation_name: :get_certificate_authority_csr,
             acceptors: [
               {
+                "matcher" => "error",
                 "state" => "success",
-                "matcher" => "status",
-                "expected" => 200
+                "expected" => false
               },
               {
-                "state" => "retry",
                 "matcher" => "error",
+                "state" => "retry",
                 "expected" => "RequestInProgressException"
               },
               {
-                "state" => "failure",
                 "matcher" => "error",
+                "state" => "failure",
                 "expected" => "AccessDeniedException"
               }
             ]
@@ -191,18 +191,18 @@ module Aws::ACMPCA
             operation_name: :get_certificate,
             acceptors: [
               {
+                "matcher" => "error",
                 "state" => "success",
-                "matcher" => "status",
-                "expected" => 200
+                "expected" => false
               },
               {
-                "state" => "retry",
                 "matcher" => "error",
+                "state" => "retry",
                 "expected" => "RequestInProgressException"
               },
               {
-                "state" => "failure",
                 "matcher" => "error",
+                "state" => "failure",
                 "expected" => "AccessDeniedException"
               }
             ]

data/lib/aws-sdk-acmpca.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module Aws::ACMPCA
   autoload :EndpointProvider, 'aws-sdk-acmpca/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-acmpca/endpoints'
-  GEM_VERSION = '1.86.0'
+  GEM_VERSION = '1.88.0'
 end

data/sig/client.rbs CHANGED Viewed

@@ -177,7 +177,9 @@ module Aws
                                               s3_object_acl: ("PUBLIC_READ" | "BUCKET_OWNER_FULL_CONTROL")?,
                                               crl_distribution_point_extension_configuration: {
                                                 omit_extension: bool
-                                              }?
+                                              }?,
+                                              crl_type: ("COMPLETE" | "PARTITIONED")?,
+                                              custom_path: ::String?
                                             }?,
                                             ocsp_configuration: {
                                               enabled: bool,
@@ -535,7 +537,9 @@ module Aws
                                               s3_object_acl: ("PUBLIC_READ" | "BUCKET_OWNER_FULL_CONTROL")?,
                                               crl_distribution_point_extension_configuration: {
                                                 omit_extension: bool
-                                              }?
+                                              }?,
+                                              crl_type: ("COMPLETE" | "PARTITIONED")?,
+                                              custom_path: ::String?
                                             }?,
                                             ocsp_configuration: {
                                               enabled: bool,

data/sig/types.rbs CHANGED Viewed

@@ -126,6 +126,8 @@ module Aws::ACMPCA
       attr_accessor s3_bucket_name: ::String
       attr_accessor s3_object_acl: ("PUBLIC_READ" | "BUCKET_OWNER_FULL_CONTROL")
       attr_accessor crl_distribution_point_extension_configuration: Types::CrlDistributionPointExtensionConfiguration
+      attr_accessor crl_type: ("COMPLETE" | "PARTITIONED")
+      attr_accessor custom_path: ::String
       SENSITIVE: []
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acmpca
 version: !ruby/object:Gem::Version
-  version: 1.86.0
+  version: 1.88.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-15 00:00:00.000000000 Z
+date: 2025-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core