You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::ACMPCA::Types::CreateCertificateAuthorityRequest

Inherits:
Struct
  • Object
show all
Defined in:
(unknown)

Overview

Note:

When passing CreateCertificateAuthorityRequest as input to an Aws::Client method, you can use a vanilla Hash:

{
  certificate_authority_configuration: { # required
    key_algorithm: "RSA_2048", # required, accepts RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1
    signing_algorithm: "SHA256WITHECDSA", # required, accepts SHA256WITHECDSA, SHA384WITHECDSA, SHA512WITHECDSA, SHA256WITHRSA, SHA384WITHRSA, SHA512WITHRSA
    subject: { # required
      country: "CountryCodeString",
      organization: "String64",
      organizational_unit: "String64",
      distinguished_name_qualifier: "ASN1PrintableString64",
      state: "String128",
      common_name: "String64",
      serial_number: "ASN1PrintableString64",
      locality: "String128",
      title: "String64",
      surname: "String40",
      given_name: "String16",
      initials: "String5",
      pseudonym: "String128",
      generation_qualifier: "String3",
    },
  },
  revocation_configuration: {
    crl_configuration: {
      enabled: false, # required
      expiration_in_days: 1,
      custom_cname: "String253",
      s3_bucket_name: "String3To255",
    },
  },
  certificate_authority_type: "ROOT", # required, accepts ROOT, SUBORDINATE
  idempotency_token: "IdempotencyToken",
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
}

Instance Attribute Summary collapse

Instance Attribute Details

#certificate_authority_configurationTypes::CertificateAuthorityConfiguration

Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.

Returns:

#certificate_authority_typeString

The type of the certificate authority.

Possible values:

  • ROOT
  • SUBORDINATE

Returns:

  • (String)

    The type of the certificate authority.

#idempotency_tokenString

Alphanumeric string that can be used to distinguish between calls to CreateCertificateAuthority. For a given token, ACM Private CA creates exactly one CA. If you issue a subsequent call using the same token, ACM Private CA returns the ARN of the existing CA and takes no further action. If you change the idempotency token across multiple calls, ACM Private CA creates a unique CA for each unique token.

Returns:

  • (String)

    Alphanumeric string that can be used to distinguish between calls to CreateCertificateAuthority.

#revocation_configurationTypes::RevocationConfiguration

Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM Private CA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate. For more information, see the CrlConfiguration structure.

Returns:

  • (Types::RevocationConfiguration)

    Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM Private CA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate.

#tagsArray<Types::Tag>

Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags.

Returns:

  • (Array<Types::Tag>)

    Key-value pairs that will be attached to the new private CA.