- Valid Scope(s): Unknown
- alias: string (Required): the resource alias
- name: string: the resource name
- properties: AWS.ACMPCA/CertificateProperties (Required): properties of the resource
- Valid Scope(s): Unknown
- alias: string (Required): the resource alias
- name: string: the resource name
- properties: AWS.ACMPCA/CertificateAuthorityProperties (Required): properties of the resource
- Valid Scope(s): Unknown
- alias: string (Required): the resource alias
- name: string: the resource name
- properties: AWS.ACMPCA/CertificateAuthorityActivationProperties (Required): properties of the resource
- ApiPassthrough: ApiPassthrough (WriteOnly): These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.
- Arn: string (ReadOnly, Identifier): The ARN of the issued certificate.
- Certificate: string (ReadOnly): The issued certificate in base 64 PEM-encoded format.
- CertificateAuthorityArn: string (Required, Identifier): The Amazon Resource Name (ARN) for the private CA to issue the certificate.
- CertificateSigningRequest: string (Required, WriteOnly): The certificate signing request (CSR) for the Certificate.
- SigningAlgorithm: string (Required): The name of the algorithm that will be used to sign the Certificate.
- TemplateArn: string: Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.
- Validity: Validity (Required): The time before which the Certificate will be valid.
- ValidityNotBefore: Validity: The time after which the Certificate will be valid.
- Extensions: Extensions
- Subject: Subject
- CertificatePolicies: PolicyInformation[]
- CustomExtensions: CustomExtension[]
- ExtendedKeyUsage: ExtendedKeyUsage[]
- KeyUsage: KeyUsage
- SubjectAlternativeNames: GeneralName[]
- CertPolicyId: string (Required)
- PolicyQualifiers: PolicyQualifierInfo[]
- PolicyQualifierId: string (Required)
- Qualifier: Qualifier (Required)
- CpsUri: string (Required)
- Critical: bool
- ObjectIdentifier: string (Required)
- Value: string (Required)
- ExtendedKeyUsageObjectIdentifier: string
- ExtendedKeyUsageType: string
- CRLSign: bool
- DataEncipherment: bool
- DecipherOnly: bool
- DigitalSignature: bool
- EncipherOnly: bool
- KeyAgreement: bool
- KeyCertSign: bool
- KeyEncipherment: bool
- NonRepudiation: bool
- DirectoryName: Subject
- DnsName: string
- EdiPartyName: EdiPartyName
- IpAddress: string
- OtherName: OtherName
- RegisteredId: string
- Rfc822Name: string
- UniformResourceIdentifier: string
- CommonName: string
- Country: string
- CustomAttributes: CustomAttribute[]
- DistinguishedNameQualifier: string
- GenerationQualifier: string
- GivenName: string
- Initials: string
- Locality: string
- Organization: string
- OrganizationalUnit: string
- Pseudonym: string
- SerialNumber: string
- State: string
- Surname: string
- Title: string
- ObjectIdentifier: string (Required)
- Value: string (Required)
- NameAssigner: string (Required)
- PartyName: string (Required)
- TypeId: string (Required)
- Value: string (Required)
- Type: string (Required)
- Value: int (Required)
- Arn: string (ReadOnly, Identifier): The Amazon Resource Name (ARN) of the certificate authority.
- CertificateSigningRequest: string (ReadOnly): The base64 PEM-encoded certificate signing request (CSR) for your certificate authority certificate.
- CsrExtensions: CsrExtensions: Structure that contains CSR pass through extension information used by the CreateCertificateAuthority action.
- KeyAlgorithm: string (Required): Public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate.
- KeyStorageSecurityStandard: string: KeyStorageSecurityStadard defines a cryptographic key management compliance standard used for handling CA keys.
- RevocationConfiguration: RevocationConfiguration: Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions.
- SigningAlgorithm: string (Required): Algorithm your CA uses to sign certificate requests.
- Subject: Subject (Required, WriteOnly): Structure that contains X.500 distinguished name information for your CA.
- Tags: Tag[]
- Type: string (Required): The type of the certificate authority.
- UsageMode: string: Usage mode of the ceritificate authority.
- KeyUsage: KeyUsage
- SubjectInformationAccess: AccessDescription[]
- CRLSign: bool
- DataEncipherment: bool
- DecipherOnly: bool
- DigitalSignature: bool
- EncipherOnly: bool
- KeyAgreement: bool
- KeyCertSign: bool
- KeyEncipherment: bool
- NonRepudiation: bool
- AccessLocation: GeneralName (Required)
- AccessMethod: AccessMethod (Required)
- DirectoryName: Subject
- DnsName: string
- EdiPartyName: EdiPartyName
- IpAddress: string
- OtherName: OtherName
- RegisteredId: string
- Rfc822Name: string
- UniformResourceIdentifier: string
- CommonName: string
- Country: string
- CustomAttributes: CustomAttribute[]
- DistinguishedNameQualifier: string
- GenerationQualifier: string
- GivenName: string
- Initials: string
- Locality: string
- Organization: string
- OrganizationalUnit: string
- Pseudonym: string
- SerialNumber: string
- State: string
- Surname: string
- Title: string
- ObjectIdentifier: string (Required)
- Value: string (Required)
- NameAssigner: string (Required)
- PartyName: string (Required)
- TypeId: string (Required)
- Value: string (Required)
- AccessMethodType: string
- CustomObjectIdentifier: string
- CrlConfiguration: CrlConfiguration
- OcspConfiguration: OcspConfiguration
- CustomCname: string
- Enabled: bool
- ExpirationInDays: int
- S3BucketName: string
- S3ObjectAcl: string
- Enabled: bool
- OcspCustomCname: string
- Key: string
- Value: string
- Certificate: string (Required, WriteOnly): Certificate Authority certificate that will be installed in the Certificate Authority.
- CertificateAuthorityArn: string (Required, Identifier): Arn of the Certificate Authority.
- CertificateChain: string (WriteOnly): Certificate chain for the Certificate Authority certificate.
- CompleteCertificateChain: string (ReadOnly): The complete certificate chain, including the Certificate Authority certificate.
- Status: string: The status of the Certificate Authority.