aws-sdk-acmpca 1.34.0 → 1.35.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-acmpca.rb +1 -1
- data/lib/aws-sdk-acmpca/client.rb +21 -4
- data/lib/aws-sdk-acmpca/client_api.rb +3 -0
- data/lib/aws-sdk-acmpca/types.rb +41 -5
- metadata +5 -6
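--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d04817022fa4367102b398d2f979e2f076f2a9289beaf9f9b789f9a3405f1904
+data.tar.gz: 40e3ddf003ceaa3c2390f4112a9648eb8fca9357f287af74585531fdfc518047
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9ce075366b23fb423a85d72b845980d37e1c370dce89b72159973df33ebad843aec8b839d188fd90988fac0e307a6e60b51036eb5e05694e7a52e6a950c3b811
+data.tar.gz: 0f7dbdcdcb82244e9d57792407ecc8a94f59862360959d6d5dc843ab3671497b650882e90b8b7cef804e755f4e415688a45923e6f12e7a7db3b0708e0a9f7d69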
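--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.35.0 (2021-05-04)
+------------------
+
+* Feature - This release adds the KeyStorageSecurityStandard parameter to the CreateCertificateAuthority API to allow customers to mandate a security standard to which the CA key will be stored within.
+
 1.34.0 (2021-03-10)
 ------------------
 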
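--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.
+1.35.0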
data/lib/aws-sdk-acmpca.rb
CHANGED
|
@@ -350,7 +350,7 @@ module Aws::ACMPCA
|
|
|
350
350
|
# successful, this action returns the Amazon Resource Name (ARN) of the
|
|
351
351
|
# CA.
|
|
352
352
|
#
|
|
353
|
-
# ACM Private
|
|
353
|
+
# ACM Private CA assets that are stored in Amazon S3 can be protected
|
|
354
354
|
# with encryption. For more information, see [Encrypting Your CRLs][1].
|
|
355
355
|
#
|
|
356
356
|
# <note markdown="1"> Both PCA and the IAM principal must have permission to write to the S3
|
|
@@ -394,6 +394,19 @@ module Aws::ACMPCA
|
|
|
394
394
|
# one. If you change the idempotency token for each call, PCA recognizes
|
|
395
395
|
# that you are requesting multiple certificate authorities.
|
|
396
396
|
#
|
|
397
|
+
# @option params [String] :key_storage_security_standard
|
|
398
|
+
# Specifies a cryptographic key management compliance standard used for
|
|
399
|
+
# handling CA keys.
|
|
400
|
+
#
|
|
401
|
+
# Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
|
|
402
|
+
#
|
|
403
|
+
# Note: AWS Region ap-northeast-3 supports only
|
|
404
|
+
# FIPS\_140\_2\_LEVEL\_2\_OR\_HIGHER. You must explicitly specify this
|
|
405
|
+
# parameter and value when creating a CA in that Region. Specifying a
|
|
406
|
+
# different value (or no value) results in an `InvalidArgsException`
|
|
407
|
+
# with the message "A certificate authority cannot be created in this
|
|
408
|
+
# region with the specified security standard."
|
|
409
|
+
#
|
|
397
410
|
# @option params [Array<Types::Tag>] :tags
|
|
398
411
|
# Key-value pairs that will be attached to the new private CA. You can
|
|
399
412
|
# associate up to 50 tags with a private CA. For information using tags
|
|
@@ -493,6 +506,7 @@ module Aws::ACMPCA
|
|
|
493
506
|
# },
|
|
494
507
|
# certificate_authority_type: "ROOT", # required, accepts ROOT, SUBORDINATE
|
|
495
508
|
# idempotency_token: "IdempotencyToken",
|
|
509
|
+
# key_storage_security_standard: "FIPS_140_2_LEVEL_2_OR_HIGHER", # accepts FIPS_140_2_LEVEL_2_OR_HIGHER, FIPS_140_2_LEVEL_3_OR_HIGHER
|
|
496
510
|
# tags: [
|
|
497
511
|
# {
|
|
498
512
|
# key: "TagKey", # required
|
|
@@ -526,7 +540,7 @@ module Aws::ACMPCA
|
|
|
526
540
|
#
|
|
527
541
|
# </note>
|
|
528
542
|
#
|
|
529
|
-
# ACM Private
|
|
543
|
+
# ACM Private CA assets that are stored in Amazon S3 can be protected
|
|
530
544
|
# with encryption. For more information, see [Encrypting Your Audit
|
|
531
545
|
# Reports][4].
|
|
532
546
|
#
|
|
@@ -983,6 +997,7 @@ module Aws::ACMPCA
|
|
|
983
997
|
# resp.certificate_authority.revocation_configuration.crl_configuration.custom_cname #=> String
|
|
984
998
|
# resp.certificate_authority.revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
|
985
999
|
# resp.certificate_authority.restorable_until #=> Time
|
|
1000
|
+
# resp.certificate_authority.key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
|
|
986
1001
|
#
|
|
987
1002
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/DescribeCertificateAuthority AWS API Documentation
|
|
988
1003
|
#
|
|
@@ -1440,11 +1455,12 @@ module Aws::ACMPCA
|
|
|
1440
1455
|
#
|
|
1441
1456
|
# If conflicting or duplicate certificate information is supplied during
|
|
1442
1457
|
# certificate issuance, ACM Private CA applies [order of operation
|
|
1443
|
-
# rules]
|
|
1458
|
+
# rules][2] to determine what information is used.
|
|
1444
1459
|
#
|
|
1445
1460
|
#
|
|
1446
1461
|
#
|
|
1447
1462
|
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html
|
|
1463
|
+
# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html#template-order-of-operations
|
|
1448
1464
|
#
|
|
1449
1465
|
# @option params [required, String] :certificate_authority_arn
|
|
1450
1466
|
# The Amazon Resource Name (ARN) that was returned when you called
|
|
@@ -1786,6 +1802,7 @@ module Aws::ACMPCA
|
|
|
1786
1802
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.custom_cname #=> String
|
|
1787
1803
|
# resp.certificate_authorities[0].revocation_configuration.crl_configuration.s3_bucket_name #=> String
|
|
1788
1804
|
# resp.certificate_authorities[0].restorable_until #=> Time
|
|
1805
|
+
# resp.certificate_authorities[0].key_storage_security_standard #=> String, one of "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
|
|
1789
1806
|
# resp.next_token #=> String
|
|
1790
1807
|
#
|
|
1791
1808
|
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/ListCertificateAuthorities AWS API Documentation
|
|
@@ -2339,7 +2356,7 @@ module Aws::ACMPCA
|
|
|
2339
2356
|
params: params,
|
|
2340
2357
|
config: config)
|
|
2341
2358
|
context[:gem_name] = 'aws-sdk-acmpca'
|
|
2342
|
-
context[:gem_version] = '1.
|
|
2359
|
+
context[:gem_version] = '1.35.0'
|
|
2343
2360
|
Seahorse::Client::Request.new(handlers, context)
|
|
2344
2361
|
end
|
|
2345
2362
|
|
|
@@ -88,6 +88,7 @@ module Aws::ACMPCA
|
|
|
88
88
|
IssueCertificateRequest = Shapes::StructureShape.new(name: 'IssueCertificateRequest')
|
|
89
89
|
IssueCertificateResponse = Shapes::StructureShape.new(name: 'IssueCertificateResponse')
|
|
90
90
|
KeyAlgorithm = Shapes::StringShape.new(name: 'KeyAlgorithm')
|
|
91
|
+
KeyStorageSecurityStandard = Shapes::StringShape.new(name: 'KeyStorageSecurityStandard')
|
|
91
92
|
KeyUsage = Shapes::StructureShape.new(name: 'KeyUsage')
|
|
92
93
|
LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
|
|
93
94
|
ListCertificateAuthoritiesRequest = Shapes::StructureShape.new(name: 'ListCertificateAuthoritiesRequest')
|
|
@@ -196,6 +197,7 @@ module Aws::ACMPCA
|
|
|
196
197
|
CertificateAuthority.add_member(:certificate_authority_configuration, Shapes::ShapeRef.new(shape: CertificateAuthorityConfiguration, location_name: "CertificateAuthorityConfiguration"))
|
|
197
198
|
CertificateAuthority.add_member(:revocation_configuration, Shapes::ShapeRef.new(shape: RevocationConfiguration, location_name: "RevocationConfiguration"))
|
|
198
199
|
CertificateAuthority.add_member(:restorable_until, Shapes::ShapeRef.new(shape: TStamp, location_name: "RestorableUntil"))
|
|
200
|
+
CertificateAuthority.add_member(:key_storage_security_standard, Shapes::ShapeRef.new(shape: KeyStorageSecurityStandard, location_name: "KeyStorageSecurityStandard"))
|
|
199
201
|
CertificateAuthority.struct_class = Types::CertificateAuthority
|
|
200
202
|
|
|
201
203
|
CertificateAuthorityConfiguration.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: KeyAlgorithm, required: true, location_name: "KeyAlgorithm"))
|
|
@@ -225,6 +227,7 @@ module Aws::ACMPCA
|
|
|
225
227
|
CreateCertificateAuthorityRequest.add_member(:revocation_configuration, Shapes::ShapeRef.new(shape: RevocationConfiguration, location_name: "RevocationConfiguration"))
|
|
226
228
|
CreateCertificateAuthorityRequest.add_member(:certificate_authority_type, Shapes::ShapeRef.new(shape: CertificateAuthorityType, required: true, location_name: "CertificateAuthorityType"))
|
|
227
229
|
CreateCertificateAuthorityRequest.add_member(:idempotency_token, Shapes::ShapeRef.new(shape: IdempotencyToken, location_name: "IdempotencyToken"))
|
|
230
|
+
CreateCertificateAuthorityRequest.add_member(:key_storage_security_standard, Shapes::ShapeRef.new(shape: KeyStorageSecurityStandard, location_name: "KeyStorageSecurityStandard"))
|
|
228
231
|
CreateCertificateAuthorityRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
|
|
229
232
|
CreateCertificateAuthorityRequest.struct_class = Types::CreateCertificateAuthorityRequest
|
|
230
233
|
|
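Review bot: The request example added in the `@@ -493,6 +506,7 @@` hunk uses `"FIPS_140_2_LEVEL_2_OR_HIGHER"` as the sample value for `key_storage_security_standard`, although the option text added in the `@@ -394,6 +394,19 @@` hunk names `FIPS_140_2_LEVEL_3_OR_HIGHER` as the default, so a caller who copies the example hash asks for the lower key-storage standard without intending to. I would append `(default: FIPS_140_2_LEVEL_3_OR_HIGHER)` to that line's trailing comment, and the same applies to the identical example line in the `@@ -739,6 +758,7 @@` hunk of data/lib/aws-sdk-acmpca/types.rb. The standard actually in effect can be read back from `resp.certificate_authority.key_storage_security_standard`, which this section also documents. Judging by the file list at the top of the page, the hunks under this header appear to come from client.rb and client_api.rb rather than aws-sdk-acmpca.rb, and if those files are generated from the service model the wording would have to be changed there.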
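--- a/data/lib/aws-sdk-acmpca/types.rb
+++ b/data/lib/aws-sdk-acmpca/types.rb
@@ -236,8 +236,12 @@ module Aws::ACMPCA
 # variant must be selected, or else this parameter is ignored.
 #
 # If conflicting or duplicate certificate information is supplied from
-# other sources, ACM Private CA applies [order of operation
-#
+# other sources, ACM Private CA applies [order of operation rules][1] to
+# determine what information is used.
+#
+#
+#
+# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html#template-order-of-operations
 #
 # @note When making an API call, you may pass ApiPassthrough
 # data as a hash:
@@ -428,6 +432,20 @@ module Aws::ACMPCA
 # [1]: https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html
 # @return [Time]
 #
+# @!attribute [rw] key_storage_security_standard
+# Defines a cryptographic key management compliance standard used for
+# handling CA keys.
+#
+# Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
+#
+# Note: AWS Region ap-northeast-3 supports only
+# FIPS\_140\_2\_LEVEL\_2\_OR\_HIGHER. You must explicitly specify this
+# parameter and value when creating a CA in that Region. Specifying a
+# different value (or no value) results in an `InvalidArgsException`
+# with the message "A certificate authority cannot be created in this
+# region with the specified security standard."
+# @return [String]
+#
 # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/CertificateAuthority AWS API Documentation
 #
 class CertificateAuthority < Struct.new(
@@ -443,7 +461,8 @@ module Aws::ACMPCA
 :failure_reason,
 :certificate_authority_configuration,
 :revocation_configuration,
-:restorable_until
+:restorable_until,
+:key_storage_security_standard)
 SENSITIVE = []
 include Aws::Structure
 end
@@ -739,6 +758,7 @@ module Aws::ACMPCA
 # },
 # certificate_authority_type: "ROOT", # required, accepts ROOT, SUBORDINATE
 # idempotency_token: "IdempotencyToken",
+# key_storage_security_standard: "FIPS_140_2_LEVEL_2_OR_HIGHER", # accepts FIPS_140_2_LEVEL_2_OR_HIGHER, FIPS_140_2_LEVEL_3_OR_HIGHER
 # tags: [
 # {
 # key: "TagKey", # required
@@ -781,6 +801,20 @@ module Aws::ACMPCA
 # authorities.
 # @return [String]
 #
+# @!attribute [rw] key_storage_security_standard
+# Specifies a cryptographic key management compliance standard used
+# for handling CA keys.
+#
+# Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
+#
+# Note: AWS Region ap-northeast-3 supports only
+# FIPS\_140\_2\_LEVEL\_2\_OR\_HIGHER. You must explicitly specify this
+# parameter and value when creating a CA in that Region. Specifying a
+# different value (or no value) results in an `InvalidArgsException`
+# with the message "A certificate authority cannot be created in this
+# region with the specified security standard."
+# @return [String]
+#
 # @!attribute [rw] tags
 # Key-value pairs that will be attached to the new private CA. You can
 # associate up to 50 tags with a private CA. For information using
@@ -799,6 +833,7 @@ module Aws::ACMPCA
 :revocation_configuration,
 :certificate_authority_type,
 :idempotency_token,
+:key_storage_security_standard,
 :tags)
 SENSITIVE = []
 include Aws::Structure
@@ -880,7 +915,7 @@ module Aws::ACMPCA
 # Points** extension of each certificate it issues. Your S3 bucket
 # policy must give write permission to ACM Private CA.
 #
-# ACM Private
+# ACM Private CA assets that are stored in Amazon S3 can be protected
 # with encryption. For more information, see [Encrypting Your CRLs][1].
 #
 # Your private CA uses the value in the **ExpirationInDays** parameter
@@ -2014,11 +2049,12 @@ module Aws::ACMPCA
 #
 # If conflicting or duplicate certificate information is supplied
 # during certificate issuance, ACM Private CA applies [order of
-# operation rules]
+# operation rules][2] to determine what information is used.
 #
 #
 #
 # [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html
+# [2]: https://docs.aws.amazon.com/acm-pca/latest/userguide/UsingTemplates.html#template-order-of-operations
 # @return [Types::ApiPassthrough]
 #
 # @!attribute [rw] certificate_authority_arn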
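--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acmpca
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.35.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-
+date: 2021-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-core
@@ -67,8 +67,8 @@ homepage: https://github.com/aws/aws-sdk-ruby
 licenses:
 - Apache-2.0
 metadata:
-source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/
-changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/
+source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-acmpca
+changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-acmpca/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -84,8 +84,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-
-rubygems_version: 2.7.6.2
+rubygems_version: 3.1.6
 signing_key:
 specification_version: 4
 summary: AWS SDK for Ruby - ACM-PCA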