aws-sdk-acmpca 1.87.0 → 1.89.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-acmpca/client.rb +9 -1
- data/lib/aws-sdk-acmpca/client_api.rb +4 -0
- data/lib/aws-sdk-acmpca/types.rb +37 -1
- data/lib/aws-sdk-acmpca/waiters.rb +11 -11
- data/lib/aws-sdk-acmpca.rb +1 -1
- data/sig/client.rbs +6 -2
- data/sig/types.rbs +2 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f368003be33ec2bb21e1c16460b5dd6689e9a0c791125948cb134d1ac5097b0f
|
|
4
|
+
data.tar.gz: 9d8e2524582f1262fee591b8c5c283090f6eb1a915cff35d7bbfbc421ebcf13d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '09d6833875421410d4ef1d88677798fc6af3d33716cbc51c19047402b666bc1ac6d21e1803f9065c5f608b25822865768f29fc97e9952ec5cdb27ed39e777ae0'
|
|
7
|
+
data.tar.gz: 57d3840b2810673c752cb35745b79fbd1a30339d85e181fc6e3fae0a725f7fb66ccf690a8dba48dda58334e9c293c2c70c43144e34b0afc6b6b702d668959bcf
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.89.0 (2025-02-13)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Private Certificate Authority (PCA) documentation updates
|
|
8
|
+
|
|
9
|
+
1.88.0 (2025-02-11)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - Private Certificate Authority service now supports Partitioned CRL as a revocation configuration option.
|
|
13
|
+
|
|
4
14
|
1.87.0 (2025-02-06)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.89.0
|
|
@@ -702,6 +702,8 @@ module Aws::ACMPCA
|
|
|
702
702
|
# crl_distribution_point_extension_configuration: {
|
|
703
703
|
# omit_extension: false, # required
|
|
704
704
|
# },
|
|
705
|
+
# crl_type: "COMPLETE", # accepts COMPLETE, PARTITIONED
|
|
706
|
+
# custom_path: "CrlPathString",
|
|
705
707
|
# },
|
|
706
708
|
# ocsp_configuration: {
|
|
707
709
|
# enabled: false, # required
|
|
@@ -1215,6 +1217,8 @@ module Aws::ACMPCA
|
|
|
1215
1217
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
|
1216
1218
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
|
|
1217
1219
|
# resp.certificate_authority.revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration.omit_extension #=> Boolean
|
|
1220
|
+
# resp.certificate_authority.revocation_configuration.crl_configuration.crl_type #=> String, one of "COMPLETE", "PARTITIONED"
|
|
1221
|
+
# resp.certificate_authority.revocation_configuration.crl_configuration.custom_path #=> String
|
|
1218
1222
|
# resp.certificate_authority.revocation_configuration.ocsp_configuration.enabled #=> Boolean
|
|
1219
1223
|
# resp.certificate_authority.revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
|
|
1220
1224
|
# resp.certificate_authority.restorable_until #=> Time
|
|
@@ -2064,6 +2068,8 @@ module Aws::ACMPCA
|
|
|
2064
2068
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
|
2065
2069
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_object_acl #=> String, one of "PUBLIC_READ", "BUCKET_OWNER_FULL_CONTROL"
|
|
2066
2070
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration.omit_extension #=> Boolean
|
|
2071
|
+
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.crl_type #=> String, one of "COMPLETE", "PARTITIONED"
|
|
2072
|
+
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.custom_path #=> String
|
|
2067
2073
|
# resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.enabled #=> Boolean
|
|
2068
2074
|
# resp.certificate_authorities[0].revocation_configuration.ocsp_configuration.ocsp_custom_cname #=> String
|
|
2069
2075
|
# resp.certificate_authorities[0].restorable_until #=> Time
|
|
@@ -2653,6 +2659,8 @@ module Aws::ACMPCA
|
|
|
2653
2659
|
# crl_distribution_point_extension_configuration: {
|
|
2654
2660
|
# omit_extension: false, # required
|
|
2655
2661
|
# },
|
|
2662
|
+
# crl_type: "COMPLETE", # accepts COMPLETE, PARTITIONED
|
|
2663
|
+
# custom_path: "CrlPathString",
|
|
2656
2664
|
# },
|
|
2657
2665
|
# ocsp_configuration: {
|
|
2658
2666
|
# enabled: false, # required
|
|
@@ -2689,7 +2697,7 @@ module Aws::ACMPCA
|
|
|
2689
2697
|
tracer: tracer
|
|
2690
2698
|
)
|
|
2691
2699
|
context[:gem_name] = 'aws-sdk-acmpca'
|
|
2692
|
-
context[:gem_version] = '1.
|
|
2700
|
+
context[:gem_version] = '1.89.0'
|
|
2693
2701
|
Seahorse::Client::Request.new(handlers, context)
|
|
2694
2702
|
end
|
|
2695
2703
|
|
|
@@ -53,6 +53,8 @@ module Aws::ACMPCA
|
|
|
53
53
|
CreatePermissionRequest = Shapes::StructureShape.new(name: 'CreatePermissionRequest')
|
|
54
54
|
CrlConfiguration = Shapes::StructureShape.new(name: 'CrlConfiguration')
|
|
55
55
|
CrlDistributionPointExtensionConfiguration = Shapes::StructureShape.new(name: 'CrlDistributionPointExtensionConfiguration')
|
|
56
|
+
CrlPathString = Shapes::StringShape.new(name: 'CrlPathString')
|
|
57
|
+
CrlType = Shapes::StringShape.new(name: 'CrlType')
|
|
56
58
|
CsrBlob = Shapes::BlobShape.new(name: 'CsrBlob')
|
|
57
59
|
CsrBody = Shapes::StringShape.new(name: 'CsrBody')
|
|
58
60
|
CsrExtensions = Shapes::StructureShape.new(name: 'CsrExtensions')
|
|
@@ -261,6 +263,8 @@ module Aws::ACMPCA
|
|
|
261
263
|
CrlConfiguration.add_member(:s3_bucket_name, Shapes::ShapeRef.new(shape: S3BucketName3To255, location_name: "S3BucketName"))
|
|
262
264
|
CrlConfiguration.add_member(:s3_object_acl, Shapes::ShapeRef.new(shape: S3ObjectAcl, location_name: "S3ObjectAcl"))
|
|
263
265
|
CrlConfiguration.add_member(:crl_distribution_point_extension_configuration, Shapes::ShapeRef.new(shape: CrlDistributionPointExtensionConfiguration, location_name: "CrlDistributionPointExtensionConfiguration"))
|
|
266
|
+
CrlConfiguration.add_member(:crl_type, Shapes::ShapeRef.new(shape: CrlType, location_name: "CrlType"))
|
|
267
|
+
CrlConfiguration.add_member(:custom_path, Shapes::ShapeRef.new(shape: CrlPathString, location_name: "CustomPath"))
|
|
264
268
|
CrlConfiguration.struct_class = Types::CrlConfiguration
|
|
265
269
|
|
|
266
270
|
CrlDistributionPointExtensionConfiguration.add_member(:omit_extension, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "OmitExtension", metadata: {"box"=>true}))
|
data/lib/aws-sdk-acmpca/types.rb
CHANGED
|
@@ -804,6 +804,40 @@ module Aws::ACMPCA
|
|
|
804
804
|
# present and contain the default CRL URL.
|
|
805
805
|
# @return [Types::CrlDistributionPointExtensionConfiguration]
|
|
806
806
|
#
|
|
807
|
+
# @!attribute [rw] crl_type
|
|
808
|
+
# Specifies whether to create a complete or partitioned CRL. This
|
|
809
|
+
# setting determines the maximum number of certificates that the
|
|
810
|
+
# certificate authority can issue and revoke. For more information,
|
|
811
|
+
# see [Amazon Web Services Private CA
|
|
812
|
+
# quotas](privateca/latest/userguide/pca.html#limits_pca).
|
|
813
|
+
#
|
|
814
|
+
# * `COMPLETE` - The default setting. Amazon Web Services Private CA
|
|
815
|
+
# maintains a single CRL file for all unexpired certificates issued by
|
|
816
|
+
# a CA that have been revoked for any reason. Each certificate that
|
|
817
|
+
# Amazon Web Services Private CA issues is bound to a specific CRL
|
|
818
|
+
# through its CRL distribution point (CDP) extension, defined in [
|
|
819
|
+
# RFC 5280][1].
|
|
820
|
+
#
|
|
821
|
+
# * `PARTITIONED` - Compared to complete CRLs, partitioned CRLs
|
|
822
|
+
# dramatically increase the number of certificates your private CA
|
|
823
|
+
# can issue.
|
|
824
|
+
#
|
|
825
|
+
# When using partitioned CRLs, you must validate that the CRL's
|
|
826
|
+
# associated issuing distribution point (IDP) URI matches the
|
|
827
|
+
# certificate's CDP URI to ensure the right CRL has been fetched.
|
|
828
|
+
# Amazon Web Services Private CA marks the IDP extension as
|
|
829
|
+
# critical, which your client must be able to process.
|
|
830
|
+
#
|
|
831
|
+
#
|
|
832
|
+
#
|
|
833
|
+
# [1]: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.9
|
|
834
|
+
# @return [String]
|
|
835
|
+
#
|
|
836
|
+
# @!attribute [rw] custom_path
|
|
837
|
+
# Designates a custom file path in S3 for CRL(s). For example,
|
|
838
|
+
# `http://<CustomName>/ <CustomPath>/<CrlPartition_GUID>.crl`.
|
|
839
|
+
# @return [String]
|
|
840
|
+
#
|
|
807
841
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CrlConfiguration AWS API Documentation
|
|
808
842
|
#
|
|
809
843
|
class CrlConfiguration < Struct.new(
|
|
@@ -812,7 +846,9 @@ module Aws::ACMPCA
|
|
|
812
846
|
:custom_cname,
|
|
813
847
|
:s3_bucket_name,
|
|
814
848
|
:s3_object_acl,
|
|
815
|
-
:crl_distribution_point_extension_configuration
|
|
849
|
+
:crl_distribution_point_extension_configuration,
|
|
850
|
+
:crl_type,
|
|
851
|
+
:custom_path)
|
|
816
852
|
SENSITIVE = []
|
|
817
853
|
include Aws::Structure
|
|
818
854
|
end
|
|
@@ -93,20 +93,20 @@ module Aws::ACMPCA
|
|
|
93
93
|
operation_name: :describe_certificate_authority_audit_report,
|
|
94
94
|
acceptors: [
|
|
95
95
|
{
|
|
96
|
-
"state" => "success",
|
|
97
96
|
"matcher" => "path",
|
|
98
97
|
"argument" => "audit_report_status",
|
|
98
|
+
"state" => "success",
|
|
99
99
|
"expected" => "SUCCESS"
|
|
100
100
|
},
|
|
101
101
|
{
|
|
102
|
-
"state" => "failure",
|
|
103
102
|
"matcher" => "path",
|
|
104
103
|
"argument" => "audit_report_status",
|
|
104
|
+
"state" => "failure",
|
|
105
105
|
"expected" => "FAILED"
|
|
106
106
|
},
|
|
107
107
|
{
|
|
108
|
-
"state" => "failure",
|
|
109
108
|
"matcher" => "error",
|
|
109
|
+
"state" => "failure",
|
|
110
110
|
"expected" => "AccessDeniedException"
|
|
111
111
|
}
|
|
112
112
|
]
|
|
@@ -143,18 +143,18 @@ module Aws::ACMPCA
|
|
|
143
143
|
operation_name: :get_certificate_authority_csr,
|
|
144
144
|
acceptors: [
|
|
145
145
|
{
|
|
146
|
+
"matcher" => "error",
|
|
146
147
|
"state" => "success",
|
|
147
|
-
"
|
|
148
|
-
"expected" => 200
|
|
148
|
+
"expected" => false
|
|
149
149
|
},
|
|
150
150
|
{
|
|
151
|
-
"state" => "retry",
|
|
152
151
|
"matcher" => "error",
|
|
152
|
+
"state" => "retry",
|
|
153
153
|
"expected" => "RequestInProgressException"
|
|
154
154
|
},
|
|
155
155
|
{
|
|
156
|
-
"state" => "failure",
|
|
157
156
|
"matcher" => "error",
|
|
157
|
+
"state" => "failure",
|
|
158
158
|
"expected" => "AccessDeniedException"
|
|
159
159
|
}
|
|
160
160
|
]
|
|
@@ -191,18 +191,18 @@ module Aws::ACMPCA
|
|
|
191
191
|
operation_name: :get_certificate,
|
|
192
192
|
acceptors: [
|
|
193
193
|
{
|
|
194
|
+
"matcher" => "error",
|
|
194
195
|
"state" => "success",
|
|
195
|
-
"
|
|
196
|
-
"expected" => 200
|
|
196
|
+
"expected" => false
|
|
197
197
|
},
|
|
198
198
|
{
|
|
199
|
-
"state" => "retry",
|
|
200
199
|
"matcher" => "error",
|
|
200
|
+
"state" => "retry",
|
|
201
201
|
"expected" => "RequestInProgressException"
|
|
202
202
|
},
|
|
203
203
|
{
|
|
204
|
-
"state" => "failure",
|
|
205
204
|
"matcher" => "error",
|
|
205
|
+
"state" => "failure",
|
|
206
206
|
"expected" => "AccessDeniedException"
|
|
207
207
|
}
|
|
208
208
|
]
|
data/lib/aws-sdk-acmpca.rb
CHANGED
data/sig/client.rbs
CHANGED
|
@@ -177,7 +177,9 @@ module Aws
|
|
|
177
177
|
s3_object_acl: ("PUBLIC_READ" | "BUCKET_OWNER_FULL_CONTROL")?,
|
|
178
178
|
crl_distribution_point_extension_configuration: {
|
|
179
179
|
omit_extension: bool
|
|
180
|
-
}
|
|
180
|
+
}?,
|
|
181
|
+
crl_type: ("COMPLETE" | "PARTITIONED")?,
|
|
182
|
+
custom_path: ::String?
|
|
181
183
|
}?,
|
|
182
184
|
ocsp_configuration: {
|
|
183
185
|
enabled: bool,
|
|
@@ -535,7 +537,9 @@ module Aws
|
|
|
535
537
|
s3_object_acl: ("PUBLIC_READ" | "BUCKET_OWNER_FULL_CONTROL")?,
|
|
536
538
|
crl_distribution_point_extension_configuration: {
|
|
537
539
|
omit_extension: bool
|
|
538
|
-
}
|
|
540
|
+
}?,
|
|
541
|
+
crl_type: ("COMPLETE" | "PARTITIONED")?,
|
|
542
|
+
custom_path: ::String?
|
|
539
543
|
}?,
|
|
540
544
|
ocsp_configuration: {
|
|
541
545
|
enabled: bool,
|
data/sig/types.rbs
CHANGED
|
@@ -126,6 +126,8 @@ module Aws::ACMPCA
|
|
|
126
126
|
attr_accessor s3_bucket_name: ::String
|
|
127
127
|
attr_accessor s3_object_acl: ("PUBLIC_READ" | "BUCKET_OWNER_FULL_CONTROL")
|
|
128
128
|
attr_accessor crl_distribution_point_extension_configuration: Types::CrlDistributionPointExtensionConfiguration
|
|
129
|
+
attr_accessor crl_type: ("COMPLETE" | "PARTITIONED")
|
|
130
|
+
attr_accessor custom_path: ::String
|
|
129
131
|
SENSITIVE: []
|
|
130
132
|
end
|
|
131
133
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-acmpca
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.89.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-02-
|
|
11
|
+
date: 2025-02-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|