AWS::PCAConnectorAD::Template PrivateKeyFlagsV3 - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::PCAConnectorAD::Template PrivateKeyFlagsV3

Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{ "ClientVersion" : String, "ExportableKey" : Boolean, "RequireAlternateSignatureAlgorithm" : Boolean, "StrongKeyProtectionRequired" : Boolean }

Properties

ClientVersion

Defines the minimum client compatibility.

Required: Yes

Type: String

Allowed values: WINDOWS_SERVER_2008 | WINDOWS_SERVER_2008_R2 | WINDOWS_SERVER_2012 | WINDOWS_SERVER_2012_R2 | WINDOWS_SERVER_2016

Update requires: No interruption

ExportableKey

Allows the private key to be exported.

Required: No

Type: Boolean

Update requires: No interruption

RequireAlternateSignatureAlgorithm

Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.

Required: No

Type: Boolean

Update requires: No interruption

StrongKeyProtectionRequired

Requirer user input when using the private key for enrollment.

Required: No

Type: Boolean

Update requires: No interruption