You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::ACMPCA::Types::CreateCertificateAuthorityRequest
- Inherits:
-
Struct
- Object
- Struct
- Aws::ACMPCA::Types::CreateCertificateAuthorityRequest
- Defined in:
- (unknown)
Overview
When passing CreateCertificateAuthorityRequest as input to an Aws::Client method, you can use a vanilla Hash:
{
certificate_authority_configuration: { # required
key_algorithm: "RSA_2048", # required, accepts RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1
signing_algorithm: "SHA256WITHECDSA", # required, accepts SHA256WITHECDSA, SHA384WITHECDSA, SHA512WITHECDSA, SHA256WITHRSA, SHA384WITHRSA, SHA512WITHRSA
subject: { # required
country: "CountryCodeString",
organization: "String64",
organizational_unit: "String64",
distinguished_name_qualifier: "ASN1PrintableString64",
state: "String128",
common_name: "String64",
serial_number: "ASN1PrintableString64",
locality: "String128",
title: "String64",
surname: "String40",
given_name: "String16",
initials: "String5",
pseudonym: "String128",
generation_qualifier: "String3",
},
},
revocation_configuration: {
crl_configuration: {
enabled: false, # required
expiration_in_days: 1,
custom_cname: "String253",
s3_bucket_name: "String3To255",
},
},
certificate_authority_type: "ROOT", # required, accepts ROOT, SUBORDINATE
idempotency_token: "IdempotencyToken",
tags: [
{
key: "TagKey", # required
value: "TagValue",
},
],
}
Instance Attribute Summary collapse
-
#certificate_authority_configuration ⇒ Types::CertificateAuthorityConfiguration
Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.
-
#certificate_authority_type ⇒ String
The type of the certificate authority.
-
#idempotency_token ⇒ String
Alphanumeric string that can be used to distinguish between calls to CreateCertificateAuthority.
-
#revocation_configuration ⇒ Types::RevocationConfiguration
Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM Private CA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate.
-
#tags ⇒ Array<Types::Tag>
Key-value pairs that will be attached to the new private CA.
Instance Attribute Details
#certificate_authority_configuration ⇒ Types::CertificateAuthorityConfiguration
Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.
#certificate_authority_type ⇒ String
The type of the certificate authority.
Possible values:
- ROOT
- SUBORDINATE
#idempotency_token ⇒ String
Alphanumeric string that can be used to distinguish between calls to CreateCertificateAuthority. For a given token, ACM Private CA creates exactly one CA. If you issue a subsequent call using the same token, ACM Private CA returns the ARN of the existing CA and takes no further action. If you change the idempotency token across multiple calls, ACM Private CA creates a unique CA for each unique token.
#revocation_configuration ⇒ Types::RevocationConfiguration
Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM Private CA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate. For more information, see the CrlConfiguration structure.
#tags ⇒ Array<Types::Tag>
Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags.