awscc.acmpca_certificateauthority

Filters

  • event

  • reduce

  • value

Actions

delete

Parent base class for filters and actions.

properties:
  type:
    enum:
    - delete
required:
- type

Permissions - acm-pca:DeleteCertificateAuthority

update

Parent base class for filters and actions.

definitions:
  AccessDescription:
    additionalProperties: false
    description: Structure that contains X.509 AccessDescription information.
    properties:
      AccessLocation:
        additionalProperties: false
        description: Structure that contains X.509 GeneralName information. Assign
          one and ONLY one field.
        properties:
          DirectoryName:
            additionalProperties: false
            description: Structure that contains X.500 distinguished name information
              for your CA.
            properties:
              CommonName:
                type: string
              Country:
                type: string
              DistinguishedNameQualifier:
                type: string
              GenerationQualifier:
                type: string
              GivenName:
                type: string
              Initials:
                type: string
              Locality:
                type: string
              Organization:
                type: string
              OrganizationalUnit:
                type: string
              Pseudonym:
                type: string
              SerialNumber:
                type: string
              State:
                type: string
              Surname:
                type: string
              Title:
                type: string
            type: object
          DnsName:
            description: String that contains X.509 DnsName information.
            type: string
          EdiPartyName:
            additionalProperties: false
            description: Structure that contains X.509 EdiPartyName information.
            properties:
              NameAssigner:
                type: string
              PartyName:
                type: string
            required:
            - PartyName
            - NameAssigner
            type: object
          IpAddress:
            description: String that contains X.509 IpAddress information.
            type: string
          OtherName:
            additionalProperties: false
            description: Structure that contains X.509 OtherName information.
            properties:
              TypeId:
                description: String that contains X.509 ObjectIdentifier information.
                type: string
              Value:
                type: string
            required:
            - TypeId
            - Value
            type: object
          RegisteredId:
            description: String that contains X.509 ObjectIdentifier information.
            type: string
          Rfc822Name:
            description: String that contains X.509 Rfc822Name information.
            type: string
          UniformResourceIdentifier:
            description: String that contains X.509 UniformResourceIdentifier information.
            type: string
        type: object
      AccessMethod:
        additionalProperties: false
        description: Structure that contains X.509 AccessMethod information. Assign
          one and ONLY one field.
        properties:
          AccessMethodType:
            description: Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers.
            type: string
          CustomObjectIdentifier:
            description: String that contains X.509 ObjectIdentifier information.
            type: string
        type: object
    required:
    - AccessMethod
    - AccessLocation
    type: object
  AccessMethod:
    additionalProperties: false
    description: Structure that contains X.509 AccessMethod information. Assign one
      and ONLY one field.
    properties:
      AccessMethodType:
        description: Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers.
        type: string
      CustomObjectIdentifier:
        description: String that contains X.509 ObjectIdentifier information.
        type: string
    type: object
  AccessMethodType:
    description: Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers.
    type: string
  Arn:
    type: string
  CrlConfiguration:
    additionalProperties: false
    description: Your certificate authority can create and maintain a certificate
      revocation list (CRL). A CRL contains information about certificates that have
      been revoked.
    properties:
      CustomCname:
        type: string
      Enabled:
        type: boolean
      ExpirationInDays:
        type: integer
      S3BucketName:
        type: string
      S3ObjectAcl:
        type: string
    type: object
  CsrExtensions:
    additionalProperties: false
    description: Structure that contains CSR pass though extensions information.
    properties:
      KeyUsage:
        additionalProperties: false
        description: Structure that contains X.509 KeyUsage information.
        properties:
          CRLSign:
            default: false
            type: boolean
          DataEncipherment:
            default: false
            type: boolean
          DecipherOnly:
            default: false
            type: boolean
          DigitalSignature:
            default: false
            type: boolean
          EncipherOnly:
            default: false
            type: boolean
          KeyAgreement:
            default: false
            type: boolean
          KeyCertSign:
            default: false
            type: boolean
          KeyEncipherment:
            default: false
            type: boolean
          NonRepudiation:
            default: false
            type: boolean
        type: object
      SubjectInformationAccess:
        description: Array of X.509 AccessDescription.
        items:
          additionalProperties: false
          description: Structure that contains X.509 AccessDescription information.
          properties:
            AccessLocation:
              additionalProperties: false
              description: Structure that contains X.509 GeneralName information.
                Assign one and ONLY one field.
              properties:
                DirectoryName:
                  additionalProperties: false
                  description: Structure that contains X.500 distinguished name information
                    for your CA.
                  properties:
                    CommonName:
                      type: string
                    Country:
                      type: string
                    DistinguishedNameQualifier:
                      type: string
                    GenerationQualifier:
                      type: string
                    GivenName:
                      type: string
                    Initials:
                      type: string
                    Locality:
                      type: string
                    Organization:
                      type: string
                    OrganizationalUnit:
                      type: string
                    Pseudonym:
                      type: string
                    SerialNumber:
                      type: string
                    State:
                      type: string
                    Surname:
                      type: string
                    Title:
                      type: string
                  type: object
                DnsName:
                  description: String that contains X.509 DnsName information.
                  type: string
                EdiPartyName:
                  additionalProperties: false
                  description: Structure that contains X.509 EdiPartyName information.
                  properties:
                    NameAssigner:
                      type: string
                    PartyName:
                      type: string
                  required:
                  - PartyName
                  - NameAssigner
                  type: object
                IpAddress:
                  description: String that contains X.509 IpAddress information.
                  type: string
                OtherName:
                  additionalProperties: false
                  description: Structure that contains X.509 OtherName information.
                  properties:
                    TypeId:
                      description: String that contains X.509 ObjectIdentifier information.
                      type: string
                    Value:
                      type: string
                  required:
                  - TypeId
                  - Value
                  type: object
                RegisteredId:
                  description: String that contains X.509 ObjectIdentifier information.
                  type: string
                Rfc822Name:
                  description: String that contains X.509 Rfc822Name information.
                  type: string
                UniformResourceIdentifier:
                  description: String that contains X.509 UniformResourceIdentifier
                    information.
                  type: string
              type: object
            AccessMethod:
              additionalProperties: false
              description: Structure that contains X.509 AccessMethod information.
                Assign one and ONLY one field.
              properties:
                AccessMethodType:
                  description: Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers.
                  type: string
                CustomObjectIdentifier:
                  description: String that contains X.509 ObjectIdentifier information.
                  type: string
              type: object
          required:
          - AccessMethod
          - AccessLocation
          type: object
        type: array
    type: object
  CustomObjectIdentifier:
    description: String that contains X.509 ObjectIdentifier information.
    type: string
  DnsName:
    description: String that contains X.509 DnsName information.
    type: string
  EdiPartyName:
    additionalProperties: false
    description: Structure that contains X.509 EdiPartyName information.
    properties:
      NameAssigner:
        type: string
      PartyName:
        type: string
    required:
    - PartyName
    - NameAssigner
    type: object
  GeneralName:
    additionalProperties: false
    description: Structure that contains X.509 GeneralName information. Assign one
      and ONLY one field.
    properties:
      DirectoryName:
        additionalProperties: false
        description: Structure that contains X.500 distinguished name information
          for your CA.
        properties:
          CommonName:
            type: string
          Country:
            type: string
          DistinguishedNameQualifier:
            type: string
          GenerationQualifier:
            type: string
          GivenName:
            type: string
          Initials:
            type: string
          Locality:
            type: string
          Organization:
            type: string
          OrganizationalUnit:
            type: string
          Pseudonym:
            type: string
          SerialNumber:
            type: string
          State:
            type: string
          Surname:
            type: string
          Title:
            type: string
        type: object
      DnsName:
        description: String that contains X.509 DnsName information.
        type: string
      EdiPartyName:
        additionalProperties: false
        description: Structure that contains X.509 EdiPartyName information.
        properties:
          NameAssigner:
            type: string
          PartyName:
            type: string
        required:
        - PartyName
        - NameAssigner
        type: object
      IpAddress:
        description: String that contains X.509 IpAddress information.
        type: string
      OtherName:
        additionalProperties: false
        description: Structure that contains X.509 OtherName information.
        properties:
          TypeId:
            description: String that contains X.509 ObjectIdentifier information.
            type: string
          Value:
            type: string
        required:
        - TypeId
        - Value
        type: object
      RegisteredId:
        description: String that contains X.509 ObjectIdentifier information.
        type: string
      Rfc822Name:
        description: String that contains X.509 Rfc822Name information.
        type: string
      UniformResourceIdentifier:
        description: String that contains X.509 UniformResourceIdentifier information.
        type: string
    type: object
  IpAddress:
    description: String that contains X.509 IpAddress information.
    type: string
  KeyUsage:
    additionalProperties: false
    description: Structure that contains X.509 KeyUsage information.
    properties:
      CRLSign:
        default: false
        type: boolean
      DataEncipherment:
        default: false
        type: boolean
      DecipherOnly:
        default: false
        type: boolean
      DigitalSignature:
        default: false
        type: boolean
      EncipherOnly:
        default: false
        type: boolean
      KeyAgreement:
        default: false
        type: boolean
      KeyCertSign:
        default: false
        type: boolean
      KeyEncipherment:
        default: false
        type: boolean
      NonRepudiation:
        default: false
        type: boolean
    type: object
  OcspConfiguration:
    additionalProperties: false
    description: Helps to configure online certificate status protocol (OCSP) responder
      for your certificate authority
    properties:
      Enabled:
        type: boolean
      OcspCustomCname:
        type: string
    type: object
  OtherName:
    additionalProperties: false
    description: Structure that contains X.509 OtherName information.
    properties:
      TypeId:
        description: String that contains X.509 ObjectIdentifier information.
        type: string
      Value:
        type: string
    required:
    - TypeId
    - Value
    type: object
  RevocationConfiguration:
    additionalProperties: false
    description: Certificate Authority revocation information.
    properties:
      CrlConfiguration:
        additionalProperties: false
        description: Your certificate authority can create and maintain a certificate
          revocation list (CRL). A CRL contains information about certificates that
          have been revoked.
        properties:
          CustomCname:
            type: string
          Enabled:
            type: boolean
          ExpirationInDays:
            type: integer
          S3BucketName:
            type: string
          S3ObjectAcl:
            type: string
        type: object
      OcspConfiguration:
        additionalProperties: false
        description: Helps to configure online certificate status protocol (OCSP)
          responder for your certificate authority
        properties:
          Enabled:
            type: boolean
          OcspCustomCname:
            type: string
        type: object
    type: object
  Rfc822Name:
    description: String that contains X.509 Rfc822Name information.
    type: string
  Subject:
    additionalProperties: false
    description: Structure that contains X.500 distinguished name information for
      your CA.
    properties:
      CommonName:
        type: string
      Country:
        type: string
      DistinguishedNameQualifier:
        type: string
      GenerationQualifier:
        type: string
      GivenName:
        type: string
      Initials:
        type: string
      Locality:
        type: string
      Organization:
        type: string
      OrganizationalUnit:
        type: string
      Pseudonym:
        type: string
      SerialNumber:
        type: string
      State:
        type: string
      Surname:
        type: string
      Title:
        type: string
    type: object
  SubjectInformationAccess:
    description: Array of X.509 AccessDescription.
    items:
      additionalProperties: false
      description: Structure that contains X.509 AccessDescription information.
      properties:
        AccessLocation:
          additionalProperties: false
          description: Structure that contains X.509 GeneralName information. Assign
            one and ONLY one field.
          properties:
            DirectoryName:
              additionalProperties: false
              description: Structure that contains X.500 distinguished name information
                for your CA.
              properties:
                CommonName:
                  type: string
                Country:
                  type: string
                DistinguishedNameQualifier:
                  type: string
                GenerationQualifier:
                  type: string
                GivenName:
                  type: string
                Initials:
                  type: string
                Locality:
                  type: string
                Organization:
                  type: string
                OrganizationalUnit:
                  type: string
                Pseudonym:
                  type: string
                SerialNumber:
                  type: string
                State:
                  type: string
                Surname:
                  type: string
                Title:
                  type: string
              type: object
            DnsName:
              description: String that contains X.509 DnsName information.
              type: string
            EdiPartyName:
              additionalProperties: false
              description: Structure that contains X.509 EdiPartyName information.
              properties:
                NameAssigner:
                  type: string
                PartyName:
                  type: string
              required:
              - PartyName
              - NameAssigner
              type: object
            IpAddress:
              description: String that contains X.509 IpAddress information.
              type: string
            OtherName:
              additionalProperties: false
              description: Structure that contains X.509 OtherName information.
              properties:
                TypeId:
                  description: String that contains X.509 ObjectIdentifier information.
                  type: string
                Value:
                  type: string
              required:
              - TypeId
              - Value
              type: object
            RegisteredId:
              description: String that contains X.509 ObjectIdentifier information.
              type: string
            Rfc822Name:
              description: String that contains X.509 Rfc822Name information.
              type: string
            UniformResourceIdentifier:
              description: String that contains X.509 UniformResourceIdentifier information.
              type: string
          type: object
        AccessMethod:
          additionalProperties: false
          description: Structure that contains X.509 AccessMethod information. Assign
            one and ONLY one field.
          properties:
            AccessMethodType:
              description: Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers.
              type: string
            CustomObjectIdentifier:
              description: String that contains X.509 ObjectIdentifier information.
              type: string
          type: object
      required:
      - AccessMethod
      - AccessLocation
      type: object
    type: array
  Tag:
    additionalProperties: false
    properties:
      Key:
        type: string
      Value:
        type: string
    type: object
  UniformResourceIdentifier:
    description: String that contains X.509 UniformResourceIdentifier information.
    type: string
properties:
  RevocationConfiguration:
    additionalProperties: false
    description: Certificate Authority revocation information.
    properties:
      CrlConfiguration:
        additionalProperties: false
        description: Your certificate authority can create and maintain a certificate
          revocation list (CRL). A CRL contains information about certificates that
          have been revoked.
        properties:
          CustomCname:
            type: string
          Enabled:
            type: boolean
          ExpirationInDays:
            type: integer
          S3BucketName:
            type: string
          S3ObjectAcl:
            type: string
        type: object
      OcspConfiguration:
        additionalProperties: false
        description: Helps to configure online certificate status protocol (OCSP)
          responder for your certificate authority
        properties:
          Enabled:
            type: boolean
          OcspCustomCname:
            type: string
        type: object
    type: object
  Tags:
    items:
      additionalProperties: false
      properties:
        Key:
          type: string
        Value:
          type: string
      type: object
    type: array
  type:
    enum:
    - update

Permissions - acm-pca:ListTags, acm-pca:TagCertificateAuthority, acm-pca:UntagCertificateAuthority, acm-pca:UpdateCertificateAuthority