// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
/// When writing a match expression against `CertificateAuthorityStatus`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let certificateauthoritystatus = unimplemented!();
/// match certificateauthoritystatus {
/// CertificateAuthorityStatus::Active => { /* ... */ },
/// CertificateAuthorityStatus::Creating => { /* ... */ },
/// CertificateAuthorityStatus::Deleted => { /* ... */ },
/// CertificateAuthorityStatus::Disabled => { /* ... */ },
/// CertificateAuthorityStatus::Expired => { /* ... */ },
/// CertificateAuthorityStatus::Failed => { /* ... */ },
/// CertificateAuthorityStatus::PendingCertificate => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `certificateauthoritystatus` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `CertificateAuthorityStatus::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `CertificateAuthorityStatus::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `CertificateAuthorityStatus::NewFeature` is defined.
/// Specifically, when `certificateauthoritystatus` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `CertificateAuthorityStatus::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum CertificateAuthorityStatus {
#[allow(missing_docs)] // documentation missing in model
Active,
#[allow(missing_docs)] // documentation missing in model
Creating,
#[allow(missing_docs)] // documentation missing in model
Deleted,
#[allow(missing_docs)] // documentation missing in model
Disabled,
#[allow(missing_docs)] // documentation missing in model
Expired,
#[allow(missing_docs)] // documentation missing in model
Failed,
#[allow(missing_docs)] // documentation missing in model
PendingCertificate,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for CertificateAuthorityStatus {
fn from(s: &str) -> Self {
match s {
"ACTIVE" => CertificateAuthorityStatus::Active,
"CREATING" => CertificateAuthorityStatus::Creating,
"DELETED" => CertificateAuthorityStatus::Deleted,
"DISABLED" => CertificateAuthorityStatus::Disabled,
"EXPIRED" => CertificateAuthorityStatus::Expired,
"FAILED" => CertificateAuthorityStatus::Failed,
"PENDING_CERTIFICATE" => CertificateAuthorityStatus::PendingCertificate,
other => CertificateAuthorityStatus::Unknown(crate::types::UnknownVariantValue(
other.to_owned(),
)),
}
}
}
impl std::str::FromStr for CertificateAuthorityStatus {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(CertificateAuthorityStatus::from(s))
}
}
impl CertificateAuthorityStatus {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
CertificateAuthorityStatus::Active => "ACTIVE",
CertificateAuthorityStatus::Creating => "CREATING",
CertificateAuthorityStatus::Deleted => "DELETED",
CertificateAuthorityStatus::Disabled => "DISABLED",
CertificateAuthorityStatus::Expired => "EXPIRED",
CertificateAuthorityStatus::Failed => "FAILED",
CertificateAuthorityStatus::PendingCertificate => "PENDING_CERTIFICATE",
CertificateAuthorityStatus::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&[
"ACTIVE",
"CREATING",
"DELETED",
"DISABLED",
"EXPIRED",
"FAILED",
"PENDING_CERTIFICATE",
]
}
}
impl AsRef<str> for CertificateAuthorityStatus {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Certificate revocation information used by the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> and <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html">RevokeCertificate</a> and <a href="https://docs.aws.amazon.com/privateca/latest/userguide/revocation-setup.html">Setting up a certificate revocation method</a> in the <i>Amazon Web Services Private Certificate Authority User Guide</i>.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct RevocationConfiguration {
/// <p>Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.</p>
#[doc(hidden)]
pub crl_configuration: std::option::Option<crate::model::CrlConfiguration>,
/// <p>Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.</p>
#[doc(hidden)]
pub ocsp_configuration: std::option::Option<crate::model::OcspConfiguration>,
}
impl RevocationConfiguration {
/// <p>Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.</p>
pub fn crl_configuration(&self) -> std::option::Option<&crate::model::CrlConfiguration> {
self.crl_configuration.as_ref()
}
/// <p>Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.</p>
pub fn ocsp_configuration(&self) -> std::option::Option<&crate::model::OcspConfiguration> {
self.ocsp_configuration.as_ref()
}
}
/// See [`RevocationConfiguration`](crate::model::RevocationConfiguration).
pub mod revocation_configuration {
/// A builder for [`RevocationConfiguration`](crate::model::RevocationConfiguration).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) crl_configuration: std::option::Option<crate::model::CrlConfiguration>,
pub(crate) ocsp_configuration: std::option::Option<crate::model::OcspConfiguration>,
}
impl Builder {
/// <p>Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.</p>
pub fn crl_configuration(mut self, input: crate::model::CrlConfiguration) -> Self {
self.crl_configuration = Some(input);
self
}
/// <p>Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.</p>
pub fn set_crl_configuration(
mut self,
input: std::option::Option<crate::model::CrlConfiguration>,
) -> Self {
self.crl_configuration = input;
self
}
/// <p>Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.</p>
pub fn ocsp_configuration(mut self, input: crate::model::OcspConfiguration) -> Self {
self.ocsp_configuration = Some(input);
self
}
/// <p>Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.</p>
pub fn set_ocsp_configuration(
mut self,
input: std::option::Option<crate::model::OcspConfiguration>,
) -> Self {
self.ocsp_configuration = input;
self
}
/// Consumes the builder and constructs a [`RevocationConfiguration`](crate::model::RevocationConfiguration).
pub fn build(self) -> crate::model::RevocationConfiguration {
crate::model::RevocationConfiguration {
crl_configuration: self.crl_configuration,
ocsp_configuration: self.ocsp_configuration,
}
}
}
}
impl RevocationConfiguration {
/// Creates a new builder-style object to manufacture [`RevocationConfiguration`](crate::model::RevocationConfiguration).
pub fn builder() -> crate::model::revocation_configuration::Builder {
crate::model::revocation_configuration::Builder::default()
}
}
/// <p>Contains information to enable and configure Online Certificate Status Protocol (OCSP) for validating certificate revocation status.</p>
/// <p>When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct OcspConfiguration {
/// <p>Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.</p>
#[doc(hidden)]
pub enabled: std::option::Option<bool>,
/// <p>By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/ocsp-customize.html">Customizing Online Certificate Status Protocol (OCSP) </a> in the <i>Amazon Web Services Private Certificate Authority User Guide</i>.</p>
#[doc(hidden)]
pub ocsp_custom_cname: std::option::Option<std::string::String>,
}
impl OcspConfiguration {
/// <p>Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.</p>
pub fn enabled(&self) -> std::option::Option<bool> {
self.enabled
}
/// <p>By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/ocsp-customize.html">Customizing Online Certificate Status Protocol (OCSP) </a> in the <i>Amazon Web Services Private Certificate Authority User Guide</i>.</p>
pub fn ocsp_custom_cname(&self) -> std::option::Option<&str> {
self.ocsp_custom_cname.as_deref()
}
}
/// See [`OcspConfiguration`](crate::model::OcspConfiguration).
pub mod ocsp_configuration {
/// A builder for [`OcspConfiguration`](crate::model::OcspConfiguration).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) enabled: std::option::Option<bool>,
pub(crate) ocsp_custom_cname: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.</p>
pub fn enabled(mut self, input: bool) -> Self {
self.enabled = Some(input);
self
}
/// <p>Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.</p>
pub fn set_enabled(mut self, input: std::option::Option<bool>) -> Self {
self.enabled = input;
self
}
/// <p>By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/ocsp-customize.html">Customizing Online Certificate Status Protocol (OCSP) </a> in the <i>Amazon Web Services Private Certificate Authority User Guide</i>.</p>
pub fn ocsp_custom_cname(mut self, input: impl Into<std::string::String>) -> Self {
self.ocsp_custom_cname = Some(input.into());
self
}
/// <p>By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/ocsp-customize.html">Customizing Online Certificate Status Protocol (OCSP) </a> in the <i>Amazon Web Services Private Certificate Authority User Guide</i>.</p>
pub fn set_ocsp_custom_cname(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.ocsp_custom_cname = input;
self
}
/// Consumes the builder and constructs a [`OcspConfiguration`](crate::model::OcspConfiguration).
pub fn build(self) -> crate::model::OcspConfiguration {
crate::model::OcspConfiguration {
enabled: self.enabled,
ocsp_custom_cname: self.ocsp_custom_cname,
}
}
}
}
impl OcspConfiguration {
/// Creates a new builder-style object to manufacture [`OcspConfiguration`](crate::model::OcspConfiguration).
pub fn builder() -> crate::model::ocsp_configuration::Builder {
crate::model::ocsp_configuration::Builder::default()
}
}
/// <p>Contains configuration information for a certificate revocation list (CRL). Your private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You can enable CRLs for your new or an existing private CA by setting the <b>Enabled</b> parameter to <code>true</code>. Your private CA writes CRLs to an S3 bucket that you specify in the <b>S3BucketName</b> parameter. You can hide the name of your bucket by specifying a value for the <b>CustomCname</b> parameter. Your private CA copies the CNAME or the S3 bucket name to the <b>CRL Distribution Points</b> extension of each certificate it issues. Your S3 bucket policy must give write permission to Amazon Web Services Private CA. </p>
/// <p>Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#crl-encryption">Encrypting Your CRLs</a>.</p>
/// <p>Your private CA uses the value in the <b>ExpirationInDays</b> parameter to calculate the <b>nextUpdate</b> field in the CRL. The CRL is refreshed prior to a certificate's expiration date or when a certificate is revoked. When a certificate is revoked, it appears in the CRL until the certificate expires, and then in one additional CRL after expiration, and it always appears in the audit report.</p>
/// <p>A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.</p>
/// <p>CRLs contain the following fields:</p>
/// <ul>
/// <li> <p> <b>Version</b>: The current version number defined in RFC 5280 is V2. The integer value is 0x1. </p> </li>
/// <li> <p> <b>Signature Algorithm</b>: The name of the algorithm used to sign the CRL.</p> </li>
/// <li> <p> <b>Issuer</b>: The X.500 distinguished name of your private CA that issued the CRL.</p> </li>
/// <li> <p> <b>Last Update</b>: The issue date and time of this CRL.</p> </li>
/// <li> <p> <b>Next Update</b>: The day and time by which the next CRL will be issued.</p> </li>
/// <li> <p> <b>Revoked Certificates</b>: List of revoked certificates. Each list item contains the following information.</p>
/// <ul>
/// <li> <p> <b>Serial Number</b>: The serial number, in hexadecimal format, of the revoked certificate.</p> </li>
/// <li> <p> <b>Revocation Date</b>: Date and time the certificate was revoked.</p> </li>
/// <li> <p> <b>CRL Entry Extensions</b>: Optional extensions for the CRL entry.</p>
/// <ul>
/// <li> <p> <b>X509v3 CRL Reason Code</b>: Reason the certificate was revoked.</p> </li>
/// </ul> </li>
/// </ul> </li>
/// <li> <p> <b>CRL Extensions</b>: Optional extensions for the CRL.</p>
/// <ul>
/// <li> <p> <b>X509v3 Authority Key Identifier</b>: Identifies the public key associated with the private key used to sign the certificate.</p> </li>
/// <li> <p> <b>X509v3 CRL Number:</b>: Decimal sequence number for the CRL.</p> </li>
/// </ul> </li>
/// <li> <p> <b>Signature Algorithm</b>: Algorithm used by your private CA to sign the CRL.</p> </li>
/// <li> <p> <b>Signature Value</b>: Signature computed over the CRL.</p> </li>
/// </ul>
/// <p>Certificate revocation lists created by Amazon Web Services Private CA are DER-encoded. You can use the following OpenSSL command to list a CRL.</p>
/// <p> <code>openssl crl -inform DER -text -in <i>crl_path</i> -noout</code> </p>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/crl-planning.html">Planning a certificate revocation list (CRL)</a> in the <i>Amazon Web Services Private Certificate Authority User Guide</i> </p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct CrlConfiguration {
/// <p>Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action or for an existing CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> action. </p>
#[doc(hidden)]
pub enabled: std::option::Option<bool>,
/// <p>Validity period of the CRL in days.</p>
#[doc(hidden)]
pub expiration_in_days: std::option::Option<i32>,
/// <p>Name inserted into the certificate <b>CRL Distribution Points</b> extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
#[doc(hidden)]
pub custom_cname: std::option::Option<std::string::String>,
/// <p>Name of the S3 bucket that contains the CRL. If you do not provide a value for the <b>CustomCname</b> argument, the name of your S3 bucket is placed into the <b>CRL Distribution Points</b> extension of the issued certificate. You can change the name of your bucket by calling the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> operation. You must specify a <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies">bucket policy</a> that allows Amazon Web Services Private CA to write the CRL to your bucket.</p> <note>
/// <p>The <code>S3BucketName</code> parameter must conform to the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html">S3 bucket naming rules</a>.</p>
/// </note>
#[doc(hidden)]
pub s3_bucket_name: std::option::Option<std::string::String>,
/// <p>Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access. </p>
/// <p>If no value is specified, the default is <code>PUBLIC_READ</code>.</p>
/// <p> <i>Note:</i> This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as <code>BUCKET_OWNER_FULL_CONTROL</code>, and not doing so results in an error. If you have disabled BPA in S3, then you can specify either <code>BUCKET_OWNER_FULL_CONTROL</code> or <code>PUBLIC_READ</code> as the value.</p>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa">Blocking public access to the S3 bucket</a>.</p>
#[doc(hidden)]
pub s3_object_acl: std::option::Option<crate::model::S3ObjectAcl>,
}
impl CrlConfiguration {
/// <p>Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action or for an existing CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> action. </p>
pub fn enabled(&self) -> std::option::Option<bool> {
self.enabled
}
/// <p>Validity period of the CRL in days.</p>
pub fn expiration_in_days(&self) -> std::option::Option<i32> {
self.expiration_in_days
}
/// <p>Name inserted into the certificate <b>CRL Distribution Points</b> extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
pub fn custom_cname(&self) -> std::option::Option<&str> {
self.custom_cname.as_deref()
}
/// <p>Name of the S3 bucket that contains the CRL. If you do not provide a value for the <b>CustomCname</b> argument, the name of your S3 bucket is placed into the <b>CRL Distribution Points</b> extension of the issued certificate. You can change the name of your bucket by calling the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> operation. You must specify a <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies">bucket policy</a> that allows Amazon Web Services Private CA to write the CRL to your bucket.</p> <note>
/// <p>The <code>S3BucketName</code> parameter must conform to the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html">S3 bucket naming rules</a>.</p>
/// </note>
pub fn s3_bucket_name(&self) -> std::option::Option<&str> {
self.s3_bucket_name.as_deref()
}
/// <p>Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access. </p>
/// <p>If no value is specified, the default is <code>PUBLIC_READ</code>.</p>
/// <p> <i>Note:</i> This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as <code>BUCKET_OWNER_FULL_CONTROL</code>, and not doing so results in an error. If you have disabled BPA in S3, then you can specify either <code>BUCKET_OWNER_FULL_CONTROL</code> or <code>PUBLIC_READ</code> as the value.</p>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa">Blocking public access to the S3 bucket</a>.</p>
pub fn s3_object_acl(&self) -> std::option::Option<&crate::model::S3ObjectAcl> {
self.s3_object_acl.as_ref()
}
}
/// See [`CrlConfiguration`](crate::model::CrlConfiguration).
pub mod crl_configuration {
/// A builder for [`CrlConfiguration`](crate::model::CrlConfiguration).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) enabled: std::option::Option<bool>,
pub(crate) expiration_in_days: std::option::Option<i32>,
pub(crate) custom_cname: std::option::Option<std::string::String>,
pub(crate) s3_bucket_name: std::option::Option<std::string::String>,
pub(crate) s3_object_acl: std::option::Option<crate::model::S3ObjectAcl>,
}
impl Builder {
/// <p>Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action or for an existing CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> action. </p>
pub fn enabled(mut self, input: bool) -> Self {
self.enabled = Some(input);
self
}
/// <p>Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action or for an existing CA when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> action. </p>
pub fn set_enabled(mut self, input: std::option::Option<bool>) -> Self {
self.enabled = input;
self
}
/// <p>Validity period of the CRL in days.</p>
pub fn expiration_in_days(mut self, input: i32) -> Self {
self.expiration_in_days = Some(input);
self
}
/// <p>Validity period of the CRL in days.</p>
pub fn set_expiration_in_days(mut self, input: std::option::Option<i32>) -> Self {
self.expiration_in_days = input;
self
}
/// <p>Name inserted into the certificate <b>CRL Distribution Points</b> extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
pub fn custom_cname(mut self, input: impl Into<std::string::String>) -> Self {
self.custom_cname = Some(input.into());
self
}
/// <p>Name inserted into the certificate <b>CRL Distribution Points</b> extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.</p> <note>
/// <p>The content of a Canonical Name (CNAME) record must conform to <a href="https://www.ietf.org/rfc/rfc2396.txt">RFC2396</a> restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".</p>
/// </note>
pub fn set_custom_cname(mut self, input: std::option::Option<std::string::String>) -> Self {
self.custom_cname = input;
self
}
/// <p>Name of the S3 bucket that contains the CRL. If you do not provide a value for the <b>CustomCname</b> argument, the name of your S3 bucket is placed into the <b>CRL Distribution Points</b> extension of the issued certificate. You can change the name of your bucket by calling the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> operation. You must specify a <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies">bucket policy</a> that allows Amazon Web Services Private CA to write the CRL to your bucket.</p> <note>
/// <p>The <code>S3BucketName</code> parameter must conform to the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html">S3 bucket naming rules</a>.</p>
/// </note>
pub fn s3_bucket_name(mut self, input: impl Into<std::string::String>) -> Self {
self.s3_bucket_name = Some(input.into());
self
}
/// <p>Name of the S3 bucket that contains the CRL. If you do not provide a value for the <b>CustomCname</b> argument, the name of your S3 bucket is placed into the <b>CRL Distribution Points</b> extension of the issued certificate. You can change the name of your bucket by calling the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> operation. You must specify a <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies">bucket policy</a> that allows Amazon Web Services Private CA to write the CRL to your bucket.</p> <note>
/// <p>The <code>S3BucketName</code> parameter must conform to the <a href="https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html">S3 bucket naming rules</a>.</p>
/// </note>
pub fn set_s3_bucket_name(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.s3_bucket_name = input;
self
}
/// <p>Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access. </p>
/// <p>If no value is specified, the default is <code>PUBLIC_READ</code>.</p>
/// <p> <i>Note:</i> This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as <code>BUCKET_OWNER_FULL_CONTROL</code>, and not doing so results in an error. If you have disabled BPA in S3, then you can specify either <code>BUCKET_OWNER_FULL_CONTROL</code> or <code>PUBLIC_READ</code> as the value.</p>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa">Blocking public access to the S3 bucket</a>.</p>
pub fn s3_object_acl(mut self, input: crate::model::S3ObjectAcl) -> Self {
self.s3_object_acl = Some(input);
self
}
/// <p>Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access. </p>
/// <p>If no value is specified, the default is <code>PUBLIC_READ</code>.</p>
/// <p> <i>Note:</i> This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as <code>BUCKET_OWNER_FULL_CONTROL</code>, and not doing so results in an error. If you have disabled BPA in S3, then you can specify either <code>BUCKET_OWNER_FULL_CONTROL</code> or <code>PUBLIC_READ</code> as the value.</p>
/// <p>For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa">Blocking public access to the S3 bucket</a>.</p>
pub fn set_s3_object_acl(
mut self,
input: std::option::Option<crate::model::S3ObjectAcl>,
) -> Self {
self.s3_object_acl = input;
self
}
/// Consumes the builder and constructs a [`CrlConfiguration`](crate::model::CrlConfiguration).
pub fn build(self) -> crate::model::CrlConfiguration {
crate::model::CrlConfiguration {
enabled: self.enabled,
expiration_in_days: self.expiration_in_days,
custom_cname: self.custom_cname,
s3_bucket_name: self.s3_bucket_name,
s3_object_acl: self.s3_object_acl,
}
}
}
}
impl CrlConfiguration {
/// Creates a new builder-style object to manufacture [`CrlConfiguration`](crate::model::CrlConfiguration).
pub fn builder() -> crate::model::crl_configuration::Builder {
crate::model::crl_configuration::Builder::default()
}
}
/// When writing a match expression against `S3ObjectAcl`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let s3objectacl = unimplemented!();
/// match s3objectacl {
/// S3ObjectAcl::BucketOwnerFullControl => { /* ... */ },
/// S3ObjectAcl::PublicRead => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `s3objectacl` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `S3ObjectAcl::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `S3ObjectAcl::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `S3ObjectAcl::NewFeature` is defined.
/// Specifically, when `s3objectacl` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `S3ObjectAcl::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum S3ObjectAcl {
#[allow(missing_docs)] // documentation missing in model
BucketOwnerFullControl,
#[allow(missing_docs)] // documentation missing in model
PublicRead,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for S3ObjectAcl {
fn from(s: &str) -> Self {
match s {
"BUCKET_OWNER_FULL_CONTROL" => S3ObjectAcl::BucketOwnerFullControl,
"PUBLIC_READ" => S3ObjectAcl::PublicRead,
other => S3ObjectAcl::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for S3ObjectAcl {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(S3ObjectAcl::from(s))
}
}
impl S3ObjectAcl {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
S3ObjectAcl::BucketOwnerFullControl => "BUCKET_OWNER_FULL_CONTROL",
S3ObjectAcl::PublicRead => "PUBLIC_READ",
S3ObjectAcl::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["BUCKET_OWNER_FULL_CONTROL", "PUBLIC_READ"]
}
}
impl AsRef<str> for S3ObjectAcl {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Tags are labels that you can use to identify and organize your private CAs. Each tag consists of a key and an optional value. You can associate up to 50 tags with a private CA. To add one or more tags to a private CA, call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_TagCertificateAuthority.html">TagCertificateAuthority</a> action. To remove a tag, call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UntagCertificateAuthority.html">UntagCertificateAuthority</a> action. </p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct Tag {
/// <p>Key (name) of the tag.</p>
#[doc(hidden)]
pub key: std::option::Option<std::string::String>,
/// <p>Value of the tag.</p>
#[doc(hidden)]
pub value: std::option::Option<std::string::String>,
}
impl Tag {
/// <p>Key (name) of the tag.</p>
pub fn key(&self) -> std::option::Option<&str> {
self.key.as_deref()
}
/// <p>Value of the tag.</p>
pub fn value(&self) -> std::option::Option<&str> {
self.value.as_deref()
}
}
/// See [`Tag`](crate::model::Tag).
pub mod tag {
/// A builder for [`Tag`](crate::model::Tag).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) key: std::option::Option<std::string::String>,
pub(crate) value: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Key (name) of the tag.</p>
pub fn key(mut self, input: impl Into<std::string::String>) -> Self {
self.key = Some(input.into());
self
}
/// <p>Key (name) of the tag.</p>
pub fn set_key(mut self, input: std::option::Option<std::string::String>) -> Self {
self.key = input;
self
}
/// <p>Value of the tag.</p>
pub fn value(mut self, input: impl Into<std::string::String>) -> Self {
self.value = Some(input.into());
self
}
/// <p>Value of the tag.</p>
pub fn set_value(mut self, input: std::option::Option<std::string::String>) -> Self {
self.value = input;
self
}
/// Consumes the builder and constructs a [`Tag`](crate::model::Tag).
pub fn build(self) -> crate::model::Tag {
crate::model::Tag {
key: self.key,
value: self.value,
}
}
}
}
impl Tag {
/// Creates a new builder-style object to manufacture [`Tag`](crate::model::Tag).
pub fn builder() -> crate::model::tag::Builder {
crate::model::tag::Builder::default()
}
}
/// When writing a match expression against `RevocationReason`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let revocationreason = unimplemented!();
/// match revocationreason {
/// RevocationReason::AffiliationChanged => { /* ... */ },
/// RevocationReason::AACompromise => { /* ... */ },
/// RevocationReason::CertificateAuthorityCompromise => { /* ... */ },
/// RevocationReason::CessationOfOperation => { /* ... */ },
/// RevocationReason::KeyCompromise => { /* ... */ },
/// RevocationReason::PrivilegeWithdrawn => { /* ... */ },
/// RevocationReason::Superseded => { /* ... */ },
/// RevocationReason::Unspecified => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `revocationreason` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `RevocationReason::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `RevocationReason::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `RevocationReason::NewFeature` is defined.
/// Specifically, when `revocationreason` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `RevocationReason::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum RevocationReason {
#[allow(missing_docs)] // documentation missing in model
AffiliationChanged,
#[allow(missing_docs)] // documentation missing in model
AACompromise,
#[allow(missing_docs)] // documentation missing in model
CertificateAuthorityCompromise,
#[allow(missing_docs)] // documentation missing in model
CessationOfOperation,
#[allow(missing_docs)] // documentation missing in model
KeyCompromise,
#[allow(missing_docs)] // documentation missing in model
PrivilegeWithdrawn,
#[allow(missing_docs)] // documentation missing in model
Superseded,
#[allow(missing_docs)] // documentation missing in model
Unspecified,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for RevocationReason {
fn from(s: &str) -> Self {
match s {
"AFFILIATION_CHANGED" => RevocationReason::AffiliationChanged,
"A_A_COMPROMISE" => RevocationReason::AACompromise,
"CERTIFICATE_AUTHORITY_COMPROMISE" => RevocationReason::CertificateAuthorityCompromise,
"CESSATION_OF_OPERATION" => RevocationReason::CessationOfOperation,
"KEY_COMPROMISE" => RevocationReason::KeyCompromise,
"PRIVILEGE_WITHDRAWN" => RevocationReason::PrivilegeWithdrawn,
"SUPERSEDED" => RevocationReason::Superseded,
"UNSPECIFIED" => RevocationReason::Unspecified,
other => RevocationReason::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for RevocationReason {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(RevocationReason::from(s))
}
}
impl RevocationReason {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
RevocationReason::AffiliationChanged => "AFFILIATION_CHANGED",
RevocationReason::AACompromise => "A_A_COMPROMISE",
RevocationReason::CertificateAuthorityCompromise => "CERTIFICATE_AUTHORITY_COMPROMISE",
RevocationReason::CessationOfOperation => "CESSATION_OF_OPERATION",
RevocationReason::KeyCompromise => "KEY_COMPROMISE",
RevocationReason::PrivilegeWithdrawn => "PRIVILEGE_WITHDRAWN",
RevocationReason::Superseded => "SUPERSEDED",
RevocationReason::Unspecified => "UNSPECIFIED",
RevocationReason::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&[
"AFFILIATION_CHANGED",
"A_A_COMPROMISE",
"CERTIFICATE_AUTHORITY_COMPROMISE",
"CESSATION_OF_OPERATION",
"KEY_COMPROMISE",
"PRIVILEGE_WITHDRAWN",
"SUPERSEDED",
"UNSPECIFIED",
]
}
}
impl AsRef<str> for RevocationReason {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Permissions designate which private CA actions can be performed by an Amazon Web Services service or entity. In order for ACM to automatically renew private certificates, you must give the ACM service principal all available permissions (<code>IssueCertificate</code>, <code>GetCertificate</code>, and <code>ListPermissions</code>). Permissions can be assigned with the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreatePermission.html">CreatePermission</a> action, removed with the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeletePermission.html">DeletePermission</a> action, and listed with the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListPermissions.html">ListPermissions</a> action.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct Permission {
/// <p>The Amazon Resource Number (ARN) of the private CA from which the permission was issued.</p>
#[doc(hidden)]
pub certificate_authority_arn: std::option::Option<std::string::String>,
/// <p>The time at which the permission was created.</p>
#[doc(hidden)]
pub created_at: std::option::Option<aws_smithy_types::DateTime>,
/// <p>The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is <code>acm.amazonaws.com</code>.</p>
#[doc(hidden)]
pub principal: std::option::Option<std::string::String>,
/// <p>The ID of the account that assigned the permission.</p>
#[doc(hidden)]
pub source_account: std::option::Option<std::string::String>,
/// <p>The private CA actions that can be performed by the designated Amazon Web Services service.</p>
#[doc(hidden)]
pub actions: std::option::Option<std::vec::Vec<crate::model::ActionType>>,
/// <p>The name of the policy that is associated with the permission.</p>
#[doc(hidden)]
pub policy: std::option::Option<std::string::String>,
}
impl Permission {
/// <p>The Amazon Resource Number (ARN) of the private CA from which the permission was issued.</p>
pub fn certificate_authority_arn(&self) -> std::option::Option<&str> {
self.certificate_authority_arn.as_deref()
}
/// <p>The time at which the permission was created.</p>
pub fn created_at(&self) -> std::option::Option<&aws_smithy_types::DateTime> {
self.created_at.as_ref()
}
/// <p>The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is <code>acm.amazonaws.com</code>.</p>
pub fn principal(&self) -> std::option::Option<&str> {
self.principal.as_deref()
}
/// <p>The ID of the account that assigned the permission.</p>
pub fn source_account(&self) -> std::option::Option<&str> {
self.source_account.as_deref()
}
/// <p>The private CA actions that can be performed by the designated Amazon Web Services service.</p>
pub fn actions(&self) -> std::option::Option<&[crate::model::ActionType]> {
self.actions.as_deref()
}
/// <p>The name of the policy that is associated with the permission.</p>
pub fn policy(&self) -> std::option::Option<&str> {
self.policy.as_deref()
}
}
/// See [`Permission`](crate::model::Permission).
pub mod permission {
/// A builder for [`Permission`](crate::model::Permission).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) certificate_authority_arn: std::option::Option<std::string::String>,
pub(crate) created_at: std::option::Option<aws_smithy_types::DateTime>,
pub(crate) principal: std::option::Option<std::string::String>,
pub(crate) source_account: std::option::Option<std::string::String>,
pub(crate) actions: std::option::Option<std::vec::Vec<crate::model::ActionType>>,
pub(crate) policy: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>The Amazon Resource Number (ARN) of the private CA from which the permission was issued.</p>
pub fn certificate_authority_arn(mut self, input: impl Into<std::string::String>) -> Self {
self.certificate_authority_arn = Some(input.into());
self
}
/// <p>The Amazon Resource Number (ARN) of the private CA from which the permission was issued.</p>
pub fn set_certificate_authority_arn(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.certificate_authority_arn = input;
self
}
/// <p>The time at which the permission was created.</p>
pub fn created_at(mut self, input: aws_smithy_types::DateTime) -> Self {
self.created_at = Some(input);
self
}
/// <p>The time at which the permission was created.</p>
pub fn set_created_at(
mut self,
input: std::option::Option<aws_smithy_types::DateTime>,
) -> Self {
self.created_at = input;
self
}
/// <p>The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is <code>acm.amazonaws.com</code>.</p>
pub fn principal(mut self, input: impl Into<std::string::String>) -> Self {
self.principal = Some(input.into());
self
}
/// <p>The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is <code>acm.amazonaws.com</code>.</p>
pub fn set_principal(mut self, input: std::option::Option<std::string::String>) -> Self {
self.principal = input;
self
}
/// <p>The ID of the account that assigned the permission.</p>
pub fn source_account(mut self, input: impl Into<std::string::String>) -> Self {
self.source_account = Some(input.into());
self
}
/// <p>The ID of the account that assigned the permission.</p>
pub fn set_source_account(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.source_account = input;
self
}
/// Appends an item to `actions`.
///
/// To override the contents of this collection use [`set_actions`](Self::set_actions).
///
/// <p>The private CA actions that can be performed by the designated Amazon Web Services service.</p>
pub fn actions(mut self, input: crate::model::ActionType) -> Self {
let mut v = self.actions.unwrap_or_default();
v.push(input);
self.actions = Some(v);
self
}
/// <p>The private CA actions that can be performed by the designated Amazon Web Services service.</p>
pub fn set_actions(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::ActionType>>,
) -> Self {
self.actions = input;
self
}
/// <p>The name of the policy that is associated with the permission.</p>
pub fn policy(mut self, input: impl Into<std::string::String>) -> Self {
self.policy = Some(input.into());
self
}
/// <p>The name of the policy that is associated with the permission.</p>
pub fn set_policy(mut self, input: std::option::Option<std::string::String>) -> Self {
self.policy = input;
self
}
/// Consumes the builder and constructs a [`Permission`](crate::model::Permission).
pub fn build(self) -> crate::model::Permission {
crate::model::Permission {
certificate_authority_arn: self.certificate_authority_arn,
created_at: self.created_at,
principal: self.principal,
source_account: self.source_account,
actions: self.actions,
policy: self.policy,
}
}
}
}
impl Permission {
/// Creates a new builder-style object to manufacture [`Permission`](crate::model::Permission).
pub fn builder() -> crate::model::permission::Builder {
crate::model::permission::Builder::default()
}
}
/// When writing a match expression against `ActionType`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let actiontype = unimplemented!();
/// match actiontype {
/// ActionType::GetCertificate => { /* ... */ },
/// ActionType::IssueCertificate => { /* ... */ },
/// ActionType::ListPermissions => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `actiontype` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `ActionType::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `ActionType::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `ActionType::NewFeature` is defined.
/// Specifically, when `actiontype` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `ActionType::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum ActionType {
#[allow(missing_docs)] // documentation missing in model
GetCertificate,
#[allow(missing_docs)] // documentation missing in model
IssueCertificate,
#[allow(missing_docs)] // documentation missing in model
ListPermissions,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for ActionType {
fn from(s: &str) -> Self {
match s {
"GetCertificate" => ActionType::GetCertificate,
"IssueCertificate" => ActionType::IssueCertificate,
"ListPermissions" => ActionType::ListPermissions,
other => ActionType::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for ActionType {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(ActionType::from(s))
}
}
impl ActionType {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
ActionType::GetCertificate => "GetCertificate",
ActionType::IssueCertificate => "IssueCertificate",
ActionType::ListPermissions => "ListPermissions",
ActionType::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["GetCertificate", "IssueCertificate", "ListPermissions"]
}
}
impl AsRef<str> for ActionType {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Contains information about your private certificate authority (CA). Your private CA can issue and revoke X.509 digital certificates. Digital certificates verify that the entity named in the certificate <b>Subject</b> field owns or controls the public key contained in the <b>Subject Public Key Info</b> field. Call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action to create your private CA. You must then call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_GetCertificateAuthorityCertificate.html">GetCertificateAuthorityCertificate</a> action to retrieve a private CA certificate signing request (CSR). Sign the CSR with your Amazon Web Services Private CA-hosted or on-premises root or subordinate CA certificate. Call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html">ImportCertificateAuthorityCertificate</a> action to import the signed certificate into Certificate Manager (ACM). </p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct CertificateAuthority {
/// <p>Amazon Resource Name (ARN) for your private certificate authority (CA). The format is <code> <i>12345678-1234-1234-1234-123456789012</i> </code>.</p>
#[doc(hidden)]
pub arn: std::option::Option<std::string::String>,
/// <p>The Amazon Web Services account ID that owns the certificate authority.</p>
#[doc(hidden)]
pub owner_account: std::option::Option<std::string::String>,
/// <p>Date and time at which your private CA was created.</p>
#[doc(hidden)]
pub created_at: std::option::Option<aws_smithy_types::DateTime>,
/// <p>Date and time at which your private CA was last updated.</p>
#[doc(hidden)]
pub last_state_change_at: std::option::Option<aws_smithy_types::DateTime>,
/// <p>Type of your private CA.</p>
#[doc(hidden)]
pub r#type: std::option::Option<crate::model::CertificateAuthorityType>,
/// <p>Serial number of your private CA.</p>
#[doc(hidden)]
pub serial: std::option::Option<std::string::String>,
/// <p>Status of your private CA.</p>
#[doc(hidden)]
pub status: std::option::Option<crate::model::CertificateAuthorityStatus>,
/// <p>Date and time before which your private CA certificate is not valid.</p>
#[doc(hidden)]
pub not_before: std::option::Option<aws_smithy_types::DateTime>,
/// <p>Date and time after which your private CA certificate is not valid.</p>
#[doc(hidden)]
pub not_after: std::option::Option<aws_smithy_types::DateTime>,
/// <p>Reason the request to create your private CA failed.</p>
#[doc(hidden)]
pub failure_reason: std::option::Option<crate::model::FailureReason>,
/// <p>Your private CA configuration.</p>
#[doc(hidden)]
pub certificate_authority_configuration:
std::option::Option<crate::model::CertificateAuthorityConfiguration>,
/// <p>Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA. </p>
#[doc(hidden)]
pub revocation_configuration: std::option::Option<crate::model::RevocationConfiguration>,
/// <p>The period during which a deleted CA can be restored. For more information, see the <code>PermanentDeletionTimeInDays</code> parameter of the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html">DeleteCertificateAuthorityRequest</a> action. </p>
#[doc(hidden)]
pub restorable_until: std::option::Option<aws_smithy_types::DateTime>,
/// <p>Defines a cryptographic key management compliance standard used for handling CA keys. </p>
/// <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p>
/// <p>Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an <code>InvalidArgsException</code> with the message "A certificate authority cannot be created in this region with the specified security standard."</p>
#[doc(hidden)]
pub key_storage_security_standard:
std::option::Option<crate::model::KeyStorageSecurityStandard>,
/// <p>Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.</p>
/// <p>The default value is GENERAL_PURPOSE.</p>
#[doc(hidden)]
pub usage_mode: std::option::Option<crate::model::CertificateAuthorityUsageMode>,
}
impl CertificateAuthority {
/// <p>Amazon Resource Name (ARN) for your private certificate authority (CA). The format is <code> <i>12345678-1234-1234-1234-123456789012</i> </code>.</p>
pub fn arn(&self) -> std::option::Option<&str> {
self.arn.as_deref()
}
/// <p>The Amazon Web Services account ID that owns the certificate authority.</p>
pub fn owner_account(&self) -> std::option::Option<&str> {
self.owner_account.as_deref()
}
/// <p>Date and time at which your private CA was created.</p>
pub fn created_at(&self) -> std::option::Option<&aws_smithy_types::DateTime> {
self.created_at.as_ref()
}
/// <p>Date and time at which your private CA was last updated.</p>
pub fn last_state_change_at(&self) -> std::option::Option<&aws_smithy_types::DateTime> {
self.last_state_change_at.as_ref()
}
/// <p>Type of your private CA.</p>
pub fn r#type(&self) -> std::option::Option<&crate::model::CertificateAuthorityType> {
self.r#type.as_ref()
}
/// <p>Serial number of your private CA.</p>
pub fn serial(&self) -> std::option::Option<&str> {
self.serial.as_deref()
}
/// <p>Status of your private CA.</p>
pub fn status(&self) -> std::option::Option<&crate::model::CertificateAuthorityStatus> {
self.status.as_ref()
}
/// <p>Date and time before which your private CA certificate is not valid.</p>
pub fn not_before(&self) -> std::option::Option<&aws_smithy_types::DateTime> {
self.not_before.as_ref()
}
/// <p>Date and time after which your private CA certificate is not valid.</p>
pub fn not_after(&self) -> std::option::Option<&aws_smithy_types::DateTime> {
self.not_after.as_ref()
}
/// <p>Reason the request to create your private CA failed.</p>
pub fn failure_reason(&self) -> std::option::Option<&crate::model::FailureReason> {
self.failure_reason.as_ref()
}
/// <p>Your private CA configuration.</p>
pub fn certificate_authority_configuration(
&self,
) -> std::option::Option<&crate::model::CertificateAuthorityConfiguration> {
self.certificate_authority_configuration.as_ref()
}
/// <p>Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA. </p>
pub fn revocation_configuration(
&self,
) -> std::option::Option<&crate::model::RevocationConfiguration> {
self.revocation_configuration.as_ref()
}
/// <p>The period during which a deleted CA can be restored. For more information, see the <code>PermanentDeletionTimeInDays</code> parameter of the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html">DeleteCertificateAuthorityRequest</a> action. </p>
pub fn restorable_until(&self) -> std::option::Option<&aws_smithy_types::DateTime> {
self.restorable_until.as_ref()
}
/// <p>Defines a cryptographic key management compliance standard used for handling CA keys. </p>
/// <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p>
/// <p>Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an <code>InvalidArgsException</code> with the message "A certificate authority cannot be created in this region with the specified security standard."</p>
pub fn key_storage_security_standard(
&self,
) -> std::option::Option<&crate::model::KeyStorageSecurityStandard> {
self.key_storage_security_standard.as_ref()
}
/// <p>Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.</p>
/// <p>The default value is GENERAL_PURPOSE.</p>
pub fn usage_mode(&self) -> std::option::Option<&crate::model::CertificateAuthorityUsageMode> {
self.usage_mode.as_ref()
}
}
/// See [`CertificateAuthority`](crate::model::CertificateAuthority).
pub mod certificate_authority {
/// A builder for [`CertificateAuthority`](crate::model::CertificateAuthority).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) arn: std::option::Option<std::string::String>,
pub(crate) owner_account: std::option::Option<std::string::String>,
pub(crate) created_at: std::option::Option<aws_smithy_types::DateTime>,
pub(crate) last_state_change_at: std::option::Option<aws_smithy_types::DateTime>,
pub(crate) r#type: std::option::Option<crate::model::CertificateAuthorityType>,
pub(crate) serial: std::option::Option<std::string::String>,
pub(crate) status: std::option::Option<crate::model::CertificateAuthorityStatus>,
pub(crate) not_before: std::option::Option<aws_smithy_types::DateTime>,
pub(crate) not_after: std::option::Option<aws_smithy_types::DateTime>,
pub(crate) failure_reason: std::option::Option<crate::model::FailureReason>,
pub(crate) certificate_authority_configuration:
std::option::Option<crate::model::CertificateAuthorityConfiguration>,
pub(crate) revocation_configuration:
std::option::Option<crate::model::RevocationConfiguration>,
pub(crate) restorable_until: std::option::Option<aws_smithy_types::DateTime>,
pub(crate) key_storage_security_standard:
std::option::Option<crate::model::KeyStorageSecurityStandard>,
pub(crate) usage_mode: std::option::Option<crate::model::CertificateAuthorityUsageMode>,
}
impl Builder {
/// <p>Amazon Resource Name (ARN) for your private certificate authority (CA). The format is <code> <i>12345678-1234-1234-1234-123456789012</i> </code>.</p>
pub fn arn(mut self, input: impl Into<std::string::String>) -> Self {
self.arn = Some(input.into());
self
}
/// <p>Amazon Resource Name (ARN) for your private certificate authority (CA). The format is <code> <i>12345678-1234-1234-1234-123456789012</i> </code>.</p>
pub fn set_arn(mut self, input: std::option::Option<std::string::String>) -> Self {
self.arn = input;
self
}
/// <p>The Amazon Web Services account ID that owns the certificate authority.</p>
pub fn owner_account(mut self, input: impl Into<std::string::String>) -> Self {
self.owner_account = Some(input.into());
self
}
/// <p>The Amazon Web Services account ID that owns the certificate authority.</p>
pub fn set_owner_account(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.owner_account = input;
self
}
/// <p>Date and time at which your private CA was created.</p>
pub fn created_at(mut self, input: aws_smithy_types::DateTime) -> Self {
self.created_at = Some(input);
self
}
/// <p>Date and time at which your private CA was created.</p>
pub fn set_created_at(
mut self,
input: std::option::Option<aws_smithy_types::DateTime>,
) -> Self {
self.created_at = input;
self
}
/// <p>Date and time at which your private CA was last updated.</p>
pub fn last_state_change_at(mut self, input: aws_smithy_types::DateTime) -> Self {
self.last_state_change_at = Some(input);
self
}
/// <p>Date and time at which your private CA was last updated.</p>
pub fn set_last_state_change_at(
mut self,
input: std::option::Option<aws_smithy_types::DateTime>,
) -> Self {
self.last_state_change_at = input;
self
}
/// <p>Type of your private CA.</p>
pub fn r#type(mut self, input: crate::model::CertificateAuthorityType) -> Self {
self.r#type = Some(input);
self
}
/// <p>Type of your private CA.</p>
pub fn set_type(
mut self,
input: std::option::Option<crate::model::CertificateAuthorityType>,
) -> Self {
self.r#type = input;
self
}
/// <p>Serial number of your private CA.</p>
pub fn serial(mut self, input: impl Into<std::string::String>) -> Self {
self.serial = Some(input.into());
self
}
/// <p>Serial number of your private CA.</p>
pub fn set_serial(mut self, input: std::option::Option<std::string::String>) -> Self {
self.serial = input;
self
}
/// <p>Status of your private CA.</p>
pub fn status(mut self, input: crate::model::CertificateAuthorityStatus) -> Self {
self.status = Some(input);
self
}
/// <p>Status of your private CA.</p>
pub fn set_status(
mut self,
input: std::option::Option<crate::model::CertificateAuthorityStatus>,
) -> Self {
self.status = input;
self
}
/// <p>Date and time before which your private CA certificate is not valid.</p>
pub fn not_before(mut self, input: aws_smithy_types::DateTime) -> Self {
self.not_before = Some(input);
self
}
/// <p>Date and time before which your private CA certificate is not valid.</p>
pub fn set_not_before(
mut self,
input: std::option::Option<aws_smithy_types::DateTime>,
) -> Self {
self.not_before = input;
self
}
/// <p>Date and time after which your private CA certificate is not valid.</p>
pub fn not_after(mut self, input: aws_smithy_types::DateTime) -> Self {
self.not_after = Some(input);
self
}
/// <p>Date and time after which your private CA certificate is not valid.</p>
pub fn set_not_after(
mut self,
input: std::option::Option<aws_smithy_types::DateTime>,
) -> Self {
self.not_after = input;
self
}
/// <p>Reason the request to create your private CA failed.</p>
pub fn failure_reason(mut self, input: crate::model::FailureReason) -> Self {
self.failure_reason = Some(input);
self
}
/// <p>Reason the request to create your private CA failed.</p>
pub fn set_failure_reason(
mut self,
input: std::option::Option<crate::model::FailureReason>,
) -> Self {
self.failure_reason = input;
self
}
/// <p>Your private CA configuration.</p>
pub fn certificate_authority_configuration(
mut self,
input: crate::model::CertificateAuthorityConfiguration,
) -> Self {
self.certificate_authority_configuration = Some(input);
self
}
/// <p>Your private CA configuration.</p>
pub fn set_certificate_authority_configuration(
mut self,
input: std::option::Option<crate::model::CertificateAuthorityConfiguration>,
) -> Self {
self.certificate_authority_configuration = input;
self
}
/// <p>Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA. </p>
pub fn revocation_configuration(
mut self,
input: crate::model::RevocationConfiguration,
) -> Self {
self.revocation_configuration = Some(input);
self
}
/// <p>Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA. </p>
pub fn set_revocation_configuration(
mut self,
input: std::option::Option<crate::model::RevocationConfiguration>,
) -> Self {
self.revocation_configuration = input;
self
}
/// <p>The period during which a deleted CA can be restored. For more information, see the <code>PermanentDeletionTimeInDays</code> parameter of the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html">DeleteCertificateAuthorityRequest</a> action. </p>
pub fn restorable_until(mut self, input: aws_smithy_types::DateTime) -> Self {
self.restorable_until = Some(input);
self
}
/// <p>The period during which a deleted CA can be restored. For more information, see the <code>PermanentDeletionTimeInDays</code> parameter of the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html">DeleteCertificateAuthorityRequest</a> action. </p>
pub fn set_restorable_until(
mut self,
input: std::option::Option<aws_smithy_types::DateTime>,
) -> Self {
self.restorable_until = input;
self
}
/// <p>Defines a cryptographic key management compliance standard used for handling CA keys. </p>
/// <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p>
/// <p>Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an <code>InvalidArgsException</code> with the message "A certificate authority cannot be created in this region with the specified security standard."</p>
pub fn key_storage_security_standard(
mut self,
input: crate::model::KeyStorageSecurityStandard,
) -> Self {
self.key_storage_security_standard = Some(input);
self
}
/// <p>Defines a cryptographic key management compliance standard used for handling CA keys. </p>
/// <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p>
/// <p>Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an <code>InvalidArgsException</code> with the message "A certificate authority cannot be created in this region with the specified security standard."</p>
pub fn set_key_storage_security_standard(
mut self,
input: std::option::Option<crate::model::KeyStorageSecurityStandard>,
) -> Self {
self.key_storage_security_standard = input;
self
}
/// <p>Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.</p>
/// <p>The default value is GENERAL_PURPOSE.</p>
pub fn usage_mode(mut self, input: crate::model::CertificateAuthorityUsageMode) -> Self {
self.usage_mode = Some(input);
self
}
/// <p>Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.</p>
/// <p>The default value is GENERAL_PURPOSE.</p>
pub fn set_usage_mode(
mut self,
input: std::option::Option<crate::model::CertificateAuthorityUsageMode>,
) -> Self {
self.usage_mode = input;
self
}
/// Consumes the builder and constructs a [`CertificateAuthority`](crate::model::CertificateAuthority).
pub fn build(self) -> crate::model::CertificateAuthority {
crate::model::CertificateAuthority {
arn: self.arn,
owner_account: self.owner_account,
created_at: self.created_at,
last_state_change_at: self.last_state_change_at,
r#type: self.r#type,
serial: self.serial,
status: self.status,
not_before: self.not_before,
not_after: self.not_after,
failure_reason: self.failure_reason,
certificate_authority_configuration: self.certificate_authority_configuration,
revocation_configuration: self.revocation_configuration,
restorable_until: self.restorable_until,
key_storage_security_standard: self.key_storage_security_standard,
usage_mode: self.usage_mode,
}
}
}
}
impl CertificateAuthority {
/// Creates a new builder-style object to manufacture [`CertificateAuthority`](crate::model::CertificateAuthority).
pub fn builder() -> crate::model::certificate_authority::Builder {
crate::model::certificate_authority::Builder::default()
}
}
/// When writing a match expression against `CertificateAuthorityUsageMode`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let certificateauthorityusagemode = unimplemented!();
/// match certificateauthorityusagemode {
/// CertificateAuthorityUsageMode::GeneralPurpose => { /* ... */ },
/// CertificateAuthorityUsageMode::ShortLivedCertificate => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `certificateauthorityusagemode` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `CertificateAuthorityUsageMode::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `CertificateAuthorityUsageMode::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `CertificateAuthorityUsageMode::NewFeature` is defined.
/// Specifically, when `certificateauthorityusagemode` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `CertificateAuthorityUsageMode::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum CertificateAuthorityUsageMode {
#[allow(missing_docs)] // documentation missing in model
GeneralPurpose,
#[allow(missing_docs)] // documentation missing in model
ShortLivedCertificate,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for CertificateAuthorityUsageMode {
fn from(s: &str) -> Self {
match s {
"GENERAL_PURPOSE" => CertificateAuthorityUsageMode::GeneralPurpose,
"SHORT_LIVED_CERTIFICATE" => CertificateAuthorityUsageMode::ShortLivedCertificate,
other => CertificateAuthorityUsageMode::Unknown(crate::types::UnknownVariantValue(
other.to_owned(),
)),
}
}
}
impl std::str::FromStr for CertificateAuthorityUsageMode {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(CertificateAuthorityUsageMode::from(s))
}
}
impl CertificateAuthorityUsageMode {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
CertificateAuthorityUsageMode::GeneralPurpose => "GENERAL_PURPOSE",
CertificateAuthorityUsageMode::ShortLivedCertificate => "SHORT_LIVED_CERTIFICATE",
CertificateAuthorityUsageMode::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["GENERAL_PURPOSE", "SHORT_LIVED_CERTIFICATE"]
}
}
impl AsRef<str> for CertificateAuthorityUsageMode {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `KeyStorageSecurityStandard`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let keystoragesecuritystandard = unimplemented!();
/// match keystoragesecuritystandard {
/// KeyStorageSecurityStandard::Fips1402Level2OrHigher => { /* ... */ },
/// KeyStorageSecurityStandard::Fips1402Level3OrHigher => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `keystoragesecuritystandard` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `KeyStorageSecurityStandard::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `KeyStorageSecurityStandard::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `KeyStorageSecurityStandard::NewFeature` is defined.
/// Specifically, when `keystoragesecuritystandard` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `KeyStorageSecurityStandard::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum KeyStorageSecurityStandard {
#[allow(missing_docs)] // documentation missing in model
Fips1402Level2OrHigher,
#[allow(missing_docs)] // documentation missing in model
Fips1402Level3OrHigher,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for KeyStorageSecurityStandard {
fn from(s: &str) -> Self {
match s {
"FIPS_140_2_LEVEL_2_OR_HIGHER" => KeyStorageSecurityStandard::Fips1402Level2OrHigher,
"FIPS_140_2_LEVEL_3_OR_HIGHER" => KeyStorageSecurityStandard::Fips1402Level3OrHigher,
other => KeyStorageSecurityStandard::Unknown(crate::types::UnknownVariantValue(
other.to_owned(),
)),
}
}
}
impl std::str::FromStr for KeyStorageSecurityStandard {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(KeyStorageSecurityStandard::from(s))
}
}
impl KeyStorageSecurityStandard {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
KeyStorageSecurityStandard::Fips1402Level2OrHigher => "FIPS_140_2_LEVEL_2_OR_HIGHER",
KeyStorageSecurityStandard::Fips1402Level3OrHigher => "FIPS_140_2_LEVEL_3_OR_HIGHER",
KeyStorageSecurityStandard::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&[
"FIPS_140_2_LEVEL_2_OR_HIGHER",
"FIPS_140_2_LEVEL_3_OR_HIGHER",
]
}
}
impl AsRef<str> for KeyStorageSecurityStandard {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Contains configuration information for your private certificate authority (CA). This includes information about the class of public key algorithm and the key pair that your private CA creates when it issues a certificate. It also includes the signature algorithm that it uses when issuing certificates, and its X.500 distinguished name. You must specify this information when you call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action. </p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct CertificateAuthorityConfiguration {
/// <p>Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.</p>
#[doc(hidden)]
pub key_algorithm: std::option::Option<crate::model::KeyAlgorithm>,
/// <p>Name of the algorithm your private CA uses to sign certificate requests.</p>
/// <p>This parameter should not be confused with the <code>SigningAlgorithm</code> parameter used to sign certificates when they are issued.</p>
#[doc(hidden)]
pub signing_algorithm: std::option::Option<crate::model::SigningAlgorithm>,
/// <p>Structure that contains X.500 distinguished name information for your private CA.</p>
#[doc(hidden)]
pub subject: std::option::Option<crate::model::Asn1Subject>,
/// <p>Specifies information to be added to the extension section of the certificate signing request (CSR).</p>
#[doc(hidden)]
pub csr_extensions: std::option::Option<crate::model::CsrExtensions>,
}
impl CertificateAuthorityConfiguration {
/// <p>Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.</p>
pub fn key_algorithm(&self) -> std::option::Option<&crate::model::KeyAlgorithm> {
self.key_algorithm.as_ref()
}
/// <p>Name of the algorithm your private CA uses to sign certificate requests.</p>
/// <p>This parameter should not be confused with the <code>SigningAlgorithm</code> parameter used to sign certificates when they are issued.</p>
pub fn signing_algorithm(&self) -> std::option::Option<&crate::model::SigningAlgorithm> {
self.signing_algorithm.as_ref()
}
/// <p>Structure that contains X.500 distinguished name information for your private CA.</p>
pub fn subject(&self) -> std::option::Option<&crate::model::Asn1Subject> {
self.subject.as_ref()
}
/// <p>Specifies information to be added to the extension section of the certificate signing request (CSR).</p>
pub fn csr_extensions(&self) -> std::option::Option<&crate::model::CsrExtensions> {
self.csr_extensions.as_ref()
}
}
/// See [`CertificateAuthorityConfiguration`](crate::model::CertificateAuthorityConfiguration).
pub mod certificate_authority_configuration {
/// A builder for [`CertificateAuthorityConfiguration`](crate::model::CertificateAuthorityConfiguration).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) key_algorithm: std::option::Option<crate::model::KeyAlgorithm>,
pub(crate) signing_algorithm: std::option::Option<crate::model::SigningAlgorithm>,
pub(crate) subject: std::option::Option<crate::model::Asn1Subject>,
pub(crate) csr_extensions: std::option::Option<crate::model::CsrExtensions>,
}
impl Builder {
/// <p>Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.</p>
pub fn key_algorithm(mut self, input: crate::model::KeyAlgorithm) -> Self {
self.key_algorithm = Some(input);
self
}
/// <p>Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.</p>
pub fn set_key_algorithm(
mut self,
input: std::option::Option<crate::model::KeyAlgorithm>,
) -> Self {
self.key_algorithm = input;
self
}
/// <p>Name of the algorithm your private CA uses to sign certificate requests.</p>
/// <p>This parameter should not be confused with the <code>SigningAlgorithm</code> parameter used to sign certificates when they are issued.</p>
pub fn signing_algorithm(mut self, input: crate::model::SigningAlgorithm) -> Self {
self.signing_algorithm = Some(input);
self
}
/// <p>Name of the algorithm your private CA uses to sign certificate requests.</p>
/// <p>This parameter should not be confused with the <code>SigningAlgorithm</code> parameter used to sign certificates when they are issued.</p>
pub fn set_signing_algorithm(
mut self,
input: std::option::Option<crate::model::SigningAlgorithm>,
) -> Self {
self.signing_algorithm = input;
self
}
/// <p>Structure that contains X.500 distinguished name information for your private CA.</p>
pub fn subject(mut self, input: crate::model::Asn1Subject) -> Self {
self.subject = Some(input);
self
}
/// <p>Structure that contains X.500 distinguished name information for your private CA.</p>
pub fn set_subject(
mut self,
input: std::option::Option<crate::model::Asn1Subject>,
) -> Self {
self.subject = input;
self
}
/// <p>Specifies information to be added to the extension section of the certificate signing request (CSR).</p>
pub fn csr_extensions(mut self, input: crate::model::CsrExtensions) -> Self {
self.csr_extensions = Some(input);
self
}
/// <p>Specifies information to be added to the extension section of the certificate signing request (CSR).</p>
pub fn set_csr_extensions(
mut self,
input: std::option::Option<crate::model::CsrExtensions>,
) -> Self {
self.csr_extensions = input;
self
}
/// Consumes the builder and constructs a [`CertificateAuthorityConfiguration`](crate::model::CertificateAuthorityConfiguration).
pub fn build(self) -> crate::model::CertificateAuthorityConfiguration {
crate::model::CertificateAuthorityConfiguration {
key_algorithm: self.key_algorithm,
signing_algorithm: self.signing_algorithm,
subject: self.subject,
csr_extensions: self.csr_extensions,
}
}
}
}
impl CertificateAuthorityConfiguration {
/// Creates a new builder-style object to manufacture [`CertificateAuthorityConfiguration`](crate::model::CertificateAuthorityConfiguration).
pub fn builder() -> crate::model::certificate_authority_configuration::Builder {
crate::model::certificate_authority_configuration::Builder::default()
}
}
/// <p>Describes the certificate extensions to be added to the certificate signing request (CSR).</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct CsrExtensions {
/// <p>Indicates the purpose of the certificate and of the key contained in the certificate.</p>
#[doc(hidden)]
pub key_usage: std::option::Option<crate::model::KeyUsage>,
/// <p>For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2">Subject Information Access</a> in RFC 5280.</p>
#[doc(hidden)]
pub subject_information_access:
std::option::Option<std::vec::Vec<crate::model::AccessDescription>>,
}
impl CsrExtensions {
/// <p>Indicates the purpose of the certificate and of the key contained in the certificate.</p>
pub fn key_usage(&self) -> std::option::Option<&crate::model::KeyUsage> {
self.key_usage.as_ref()
}
/// <p>For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2">Subject Information Access</a> in RFC 5280.</p>
pub fn subject_information_access(
&self,
) -> std::option::Option<&[crate::model::AccessDescription]> {
self.subject_information_access.as_deref()
}
}
/// See [`CsrExtensions`](crate::model::CsrExtensions).
pub mod csr_extensions {
/// A builder for [`CsrExtensions`](crate::model::CsrExtensions).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) key_usage: std::option::Option<crate::model::KeyUsage>,
pub(crate) subject_information_access:
std::option::Option<std::vec::Vec<crate::model::AccessDescription>>,
}
impl Builder {
/// <p>Indicates the purpose of the certificate and of the key contained in the certificate.</p>
pub fn key_usage(mut self, input: crate::model::KeyUsage) -> Self {
self.key_usage = Some(input);
self
}
/// <p>Indicates the purpose of the certificate and of the key contained in the certificate.</p>
pub fn set_key_usage(mut self, input: std::option::Option<crate::model::KeyUsage>) -> Self {
self.key_usage = input;
self
}
/// Appends an item to `subject_information_access`.
///
/// To override the contents of this collection use [`set_subject_information_access`](Self::set_subject_information_access).
///
/// <p>For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2">Subject Information Access</a> in RFC 5280.</p>
pub fn subject_information_access(
mut self,
input: crate::model::AccessDescription,
) -> Self {
let mut v = self.subject_information_access.unwrap_or_default();
v.push(input);
self.subject_information_access = Some(v);
self
}
/// <p>For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2">Subject Information Access</a> in RFC 5280.</p>
pub fn set_subject_information_access(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::AccessDescription>>,
) -> Self {
self.subject_information_access = input;
self
}
/// Consumes the builder and constructs a [`CsrExtensions`](crate::model::CsrExtensions).
pub fn build(self) -> crate::model::CsrExtensions {
crate::model::CsrExtensions {
key_usage: self.key_usage,
subject_information_access: self.subject_information_access,
}
}
}
}
impl CsrExtensions {
/// Creates a new builder-style object to manufacture [`CsrExtensions`](crate::model::CsrExtensions).
pub fn builder() -> crate::model::csr_extensions::Builder {
crate::model::csr_extensions::Builder::default()
}
}
/// <p>Provides access information used by the <code>authorityInfoAccess</code> and <code>subjectInfoAccess</code> extensions described in <a href="https://datatracker.ietf.org/doc/html/rfc5280">RFC 5280</a>.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct AccessDescription {
/// <p>The type and format of <code>AccessDescription</code> information.</p>
#[doc(hidden)]
pub access_method: std::option::Option<crate::model::AccessMethod>,
/// <p>The location of <code>AccessDescription</code> information.</p>
#[doc(hidden)]
pub access_location: std::option::Option<crate::model::GeneralName>,
}
impl AccessDescription {
/// <p>The type and format of <code>AccessDescription</code> information.</p>
pub fn access_method(&self) -> std::option::Option<&crate::model::AccessMethod> {
self.access_method.as_ref()
}
/// <p>The location of <code>AccessDescription</code> information.</p>
pub fn access_location(&self) -> std::option::Option<&crate::model::GeneralName> {
self.access_location.as_ref()
}
}
/// See [`AccessDescription`](crate::model::AccessDescription).
pub mod access_description {
/// A builder for [`AccessDescription`](crate::model::AccessDescription).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) access_method: std::option::Option<crate::model::AccessMethod>,
pub(crate) access_location: std::option::Option<crate::model::GeneralName>,
}
impl Builder {
/// <p>The type and format of <code>AccessDescription</code> information.</p>
pub fn access_method(mut self, input: crate::model::AccessMethod) -> Self {
self.access_method = Some(input);
self
}
/// <p>The type and format of <code>AccessDescription</code> information.</p>
pub fn set_access_method(
mut self,
input: std::option::Option<crate::model::AccessMethod>,
) -> Self {
self.access_method = input;
self
}
/// <p>The location of <code>AccessDescription</code> information.</p>
pub fn access_location(mut self, input: crate::model::GeneralName) -> Self {
self.access_location = Some(input);
self
}
/// <p>The location of <code>AccessDescription</code> information.</p>
pub fn set_access_location(
mut self,
input: std::option::Option<crate::model::GeneralName>,
) -> Self {
self.access_location = input;
self
}
/// Consumes the builder and constructs a [`AccessDescription`](crate::model::AccessDescription).
pub fn build(self) -> crate::model::AccessDescription {
crate::model::AccessDescription {
access_method: self.access_method,
access_location: self.access_location,
}
}
}
}
impl AccessDescription {
/// Creates a new builder-style object to manufacture [`AccessDescription`](crate::model::AccessDescription).
pub fn builder() -> crate::model::access_description::Builder {
crate::model::access_description::Builder::default()
}
}
/// <p>Describes an ASN.1 X.400 <code>GeneralName</code> as defined in <a href="https://datatracker.ietf.org/doc/html/rfc5280">RFC 5280</a>. Only one of the following naming options should be provided. Providing more than one option results in an <code>InvalidArgsException</code> error.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct GeneralName {
/// <p>Represents <code>GeneralName</code> using an <code>OtherName</code> object.</p>
#[doc(hidden)]
pub other_name: std::option::Option<crate::model::OtherName>,
/// <p>Represents <code>GeneralName</code> as an <a href="https://datatracker.ietf.org/doc/html/rfc822">RFC 822</a> email address.</p>
#[doc(hidden)]
pub rfc822_name: std::option::Option<std::string::String>,
/// <p>Represents <code>GeneralName</code> as a DNS name.</p>
#[doc(hidden)]
pub dns_name: std::option::Option<std::string::String>,
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
#[doc(hidden)]
pub directory_name: std::option::Option<crate::model::Asn1Subject>,
/// <p>Represents <code>GeneralName</code> as an <code>EdiPartyName</code> object.</p>
#[doc(hidden)]
pub edi_party_name: std::option::Option<crate::model::EdiPartyName>,
/// <p>Represents <code>GeneralName</code> as a URI.</p>
#[doc(hidden)]
pub uniform_resource_identifier: std::option::Option<std::string::String>,
/// <p>Represents <code>GeneralName</code> as an IPv4 or IPv6 address.</p>
#[doc(hidden)]
pub ip_address: std::option::Option<std::string::String>,
/// <p> Represents <code>GeneralName</code> as an object identifier (OID).</p>
#[doc(hidden)]
pub registered_id: std::option::Option<std::string::String>,
}
impl GeneralName {
/// <p>Represents <code>GeneralName</code> using an <code>OtherName</code> object.</p>
pub fn other_name(&self) -> std::option::Option<&crate::model::OtherName> {
self.other_name.as_ref()
}
/// <p>Represents <code>GeneralName</code> as an <a href="https://datatracker.ietf.org/doc/html/rfc822">RFC 822</a> email address.</p>
pub fn rfc822_name(&self) -> std::option::Option<&str> {
self.rfc822_name.as_deref()
}
/// <p>Represents <code>GeneralName</code> as a DNS name.</p>
pub fn dns_name(&self) -> std::option::Option<&str> {
self.dns_name.as_deref()
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
pub fn directory_name(&self) -> std::option::Option<&crate::model::Asn1Subject> {
self.directory_name.as_ref()
}
/// <p>Represents <code>GeneralName</code> as an <code>EdiPartyName</code> object.</p>
pub fn edi_party_name(&self) -> std::option::Option<&crate::model::EdiPartyName> {
self.edi_party_name.as_ref()
}
/// <p>Represents <code>GeneralName</code> as a URI.</p>
pub fn uniform_resource_identifier(&self) -> std::option::Option<&str> {
self.uniform_resource_identifier.as_deref()
}
/// <p>Represents <code>GeneralName</code> as an IPv4 or IPv6 address.</p>
pub fn ip_address(&self) -> std::option::Option<&str> {
self.ip_address.as_deref()
}
/// <p> Represents <code>GeneralName</code> as an object identifier (OID).</p>
pub fn registered_id(&self) -> std::option::Option<&str> {
self.registered_id.as_deref()
}
}
/// See [`GeneralName`](crate::model::GeneralName).
pub mod general_name {
/// A builder for [`GeneralName`](crate::model::GeneralName).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) other_name: std::option::Option<crate::model::OtherName>,
pub(crate) rfc822_name: std::option::Option<std::string::String>,
pub(crate) dns_name: std::option::Option<std::string::String>,
pub(crate) directory_name: std::option::Option<crate::model::Asn1Subject>,
pub(crate) edi_party_name: std::option::Option<crate::model::EdiPartyName>,
pub(crate) uniform_resource_identifier: std::option::Option<std::string::String>,
pub(crate) ip_address: std::option::Option<std::string::String>,
pub(crate) registered_id: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Represents <code>GeneralName</code> using an <code>OtherName</code> object.</p>
pub fn other_name(mut self, input: crate::model::OtherName) -> Self {
self.other_name = Some(input);
self
}
/// <p>Represents <code>GeneralName</code> using an <code>OtherName</code> object.</p>
pub fn set_other_name(
mut self,
input: std::option::Option<crate::model::OtherName>,
) -> Self {
self.other_name = input;
self
}
/// <p>Represents <code>GeneralName</code> as an <a href="https://datatracker.ietf.org/doc/html/rfc822">RFC 822</a> email address.</p>
pub fn rfc822_name(mut self, input: impl Into<std::string::String>) -> Self {
self.rfc822_name = Some(input.into());
self
}
/// <p>Represents <code>GeneralName</code> as an <a href="https://datatracker.ietf.org/doc/html/rfc822">RFC 822</a> email address.</p>
pub fn set_rfc822_name(mut self, input: std::option::Option<std::string::String>) -> Self {
self.rfc822_name = input;
self
}
/// <p>Represents <code>GeneralName</code> as a DNS name.</p>
pub fn dns_name(mut self, input: impl Into<std::string::String>) -> Self {
self.dns_name = Some(input.into());
self
}
/// <p>Represents <code>GeneralName</code> as a DNS name.</p>
pub fn set_dns_name(mut self, input: std::option::Option<std::string::String>) -> Self {
self.dns_name = input;
self
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
pub fn directory_name(mut self, input: crate::model::Asn1Subject) -> Self {
self.directory_name = Some(input);
self
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
pub fn set_directory_name(
mut self,
input: std::option::Option<crate::model::Asn1Subject>,
) -> Self {
self.directory_name = input;
self
}
/// <p>Represents <code>GeneralName</code> as an <code>EdiPartyName</code> object.</p>
pub fn edi_party_name(mut self, input: crate::model::EdiPartyName) -> Self {
self.edi_party_name = Some(input);
self
}
/// <p>Represents <code>GeneralName</code> as an <code>EdiPartyName</code> object.</p>
pub fn set_edi_party_name(
mut self,
input: std::option::Option<crate::model::EdiPartyName>,
) -> Self {
self.edi_party_name = input;
self
}
/// <p>Represents <code>GeneralName</code> as a URI.</p>
pub fn uniform_resource_identifier(
mut self,
input: impl Into<std::string::String>,
) -> Self {
self.uniform_resource_identifier = Some(input.into());
self
}
/// <p>Represents <code>GeneralName</code> as a URI.</p>
pub fn set_uniform_resource_identifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.uniform_resource_identifier = input;
self
}
/// <p>Represents <code>GeneralName</code> as an IPv4 or IPv6 address.</p>
pub fn ip_address(mut self, input: impl Into<std::string::String>) -> Self {
self.ip_address = Some(input.into());
self
}
/// <p>Represents <code>GeneralName</code> as an IPv4 or IPv6 address.</p>
pub fn set_ip_address(mut self, input: std::option::Option<std::string::String>) -> Self {
self.ip_address = input;
self
}
/// <p> Represents <code>GeneralName</code> as an object identifier (OID).</p>
pub fn registered_id(mut self, input: impl Into<std::string::String>) -> Self {
self.registered_id = Some(input.into());
self
}
/// <p> Represents <code>GeneralName</code> as an object identifier (OID).</p>
pub fn set_registered_id(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.registered_id = input;
self
}
/// Consumes the builder and constructs a [`GeneralName`](crate::model::GeneralName).
pub fn build(self) -> crate::model::GeneralName {
crate::model::GeneralName {
other_name: self.other_name,
rfc822_name: self.rfc822_name,
dns_name: self.dns_name,
directory_name: self.directory_name,
edi_party_name: self.edi_party_name,
uniform_resource_identifier: self.uniform_resource_identifier,
ip_address: self.ip_address,
registered_id: self.registered_id,
}
}
}
}
impl GeneralName {
/// Creates a new builder-style object to manufacture [`GeneralName`](crate::model::GeneralName).
pub fn builder() -> crate::model::general_name::Builder {
crate::model::general_name::Builder::default()
}
}
/// <p>Describes an Electronic Data Interchange (EDI) entity as described in as defined in <a href="https://datatracker.ietf.org/doc/html/rfc5280">Subject Alternative Name</a> in RFC 5280.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct EdiPartyName {
/// <p>Specifies the party name.</p>
#[doc(hidden)]
pub party_name: std::option::Option<std::string::String>,
/// <p>Specifies the name assigner.</p>
#[doc(hidden)]
pub name_assigner: std::option::Option<std::string::String>,
}
impl EdiPartyName {
/// <p>Specifies the party name.</p>
pub fn party_name(&self) -> std::option::Option<&str> {
self.party_name.as_deref()
}
/// <p>Specifies the name assigner.</p>
pub fn name_assigner(&self) -> std::option::Option<&str> {
self.name_assigner.as_deref()
}
}
/// See [`EdiPartyName`](crate::model::EdiPartyName).
pub mod edi_party_name {
/// A builder for [`EdiPartyName`](crate::model::EdiPartyName).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) party_name: std::option::Option<std::string::String>,
pub(crate) name_assigner: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Specifies the party name.</p>
pub fn party_name(mut self, input: impl Into<std::string::String>) -> Self {
self.party_name = Some(input.into());
self
}
/// <p>Specifies the party name.</p>
pub fn set_party_name(mut self, input: std::option::Option<std::string::String>) -> Self {
self.party_name = input;
self
}
/// <p>Specifies the name assigner.</p>
pub fn name_assigner(mut self, input: impl Into<std::string::String>) -> Self {
self.name_assigner = Some(input.into());
self
}
/// <p>Specifies the name assigner.</p>
pub fn set_name_assigner(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.name_assigner = input;
self
}
/// Consumes the builder and constructs a [`EdiPartyName`](crate::model::EdiPartyName).
pub fn build(self) -> crate::model::EdiPartyName {
crate::model::EdiPartyName {
party_name: self.party_name,
name_assigner: self.name_assigner,
}
}
}
}
impl EdiPartyName {
/// Creates a new builder-style object to manufacture [`EdiPartyName`](crate::model::EdiPartyName).
pub fn builder() -> crate::model::edi_party_name::Builder {
crate::model::edi_party_name::Builder::default()
}
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct Asn1Subject {
/// <p>Two-digit code that specifies the country in which the certificate subject located.</p>
#[doc(hidden)]
pub country: std::option::Option<std::string::String>,
/// <p>Legal name of the organization with which the certificate subject is affiliated. </p>
#[doc(hidden)]
pub organization: std::option::Option<std::string::String>,
/// <p>A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.</p>
#[doc(hidden)]
pub organizational_unit: std::option::Option<std::string::String>,
/// <p>Disambiguating information for the certificate subject.</p>
#[doc(hidden)]
pub distinguished_name_qualifier: std::option::Option<std::string::String>,
/// <p>State in which the subject of the certificate is located.</p>
#[doc(hidden)]
pub state: std::option::Option<std::string::String>,
/// <p>For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit. </p>
/// <p>Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.</p>
#[doc(hidden)]
pub common_name: std::option::Option<std::string::String>,
/// <p>The certificate serial number.</p>
#[doc(hidden)]
pub serial_number: std::option::Option<std::string::String>,
/// <p>The locality (such as a city or town) in which the certificate subject is located.</p>
#[doc(hidden)]
pub locality: std::option::Option<std::string::String>,
/// <p>A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.</p>
#[doc(hidden)]
pub title: std::option::Option<std::string::String>,
/// <p>Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.</p>
#[doc(hidden)]
pub surname: std::option::Option<std::string::String>,
/// <p>First name.</p>
#[doc(hidden)]
pub given_name: std::option::Option<std::string::String>,
/// <p>Concatenation that typically contains the first letter of the <b>GivenName</b>, the first letter of the middle name if one exists, and the first letter of the <b>Surname</b>.</p>
#[doc(hidden)]
pub initials: std::option::Option<std::string::String>,
/// <p>Typically a shortened version of a longer <b>GivenName</b>. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.</p>
#[doc(hidden)]
pub pseudonym: std::option::Option<std::string::String>,
/// <p>Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.</p>
#[doc(hidden)]
pub generation_qualifier: std::option::Option<std::string::String>,
/// <p></p>
/// <p>Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p> <note>
/// <p>Custom attributes cannot be used in combination with standard attributes.</p>
/// </note>
#[doc(hidden)]
pub custom_attributes: std::option::Option<std::vec::Vec<crate::model::CustomAttribute>>,
}
impl Asn1Subject {
/// <p>Two-digit code that specifies the country in which the certificate subject located.</p>
pub fn country(&self) -> std::option::Option<&str> {
self.country.as_deref()
}
/// <p>Legal name of the organization with which the certificate subject is affiliated. </p>
pub fn organization(&self) -> std::option::Option<&str> {
self.organization.as_deref()
}
/// <p>A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.</p>
pub fn organizational_unit(&self) -> std::option::Option<&str> {
self.organizational_unit.as_deref()
}
/// <p>Disambiguating information for the certificate subject.</p>
pub fn distinguished_name_qualifier(&self) -> std::option::Option<&str> {
self.distinguished_name_qualifier.as_deref()
}
/// <p>State in which the subject of the certificate is located.</p>
pub fn state(&self) -> std::option::Option<&str> {
self.state.as_deref()
}
/// <p>For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit. </p>
/// <p>Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.</p>
pub fn common_name(&self) -> std::option::Option<&str> {
self.common_name.as_deref()
}
/// <p>The certificate serial number.</p>
pub fn serial_number(&self) -> std::option::Option<&str> {
self.serial_number.as_deref()
}
/// <p>The locality (such as a city or town) in which the certificate subject is located.</p>
pub fn locality(&self) -> std::option::Option<&str> {
self.locality.as_deref()
}
/// <p>A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.</p>
pub fn title(&self) -> std::option::Option<&str> {
self.title.as_deref()
}
/// <p>Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.</p>
pub fn surname(&self) -> std::option::Option<&str> {
self.surname.as_deref()
}
/// <p>First name.</p>
pub fn given_name(&self) -> std::option::Option<&str> {
self.given_name.as_deref()
}
/// <p>Concatenation that typically contains the first letter of the <b>GivenName</b>, the first letter of the middle name if one exists, and the first letter of the <b>Surname</b>.</p>
pub fn initials(&self) -> std::option::Option<&str> {
self.initials.as_deref()
}
/// <p>Typically a shortened version of a longer <b>GivenName</b>. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.</p>
pub fn pseudonym(&self) -> std::option::Option<&str> {
self.pseudonym.as_deref()
}
/// <p>Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.</p>
pub fn generation_qualifier(&self) -> std::option::Option<&str> {
self.generation_qualifier.as_deref()
}
/// <p></p>
/// <p>Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p> <note>
/// <p>Custom attributes cannot be used in combination with standard attributes.</p>
/// </note>
pub fn custom_attributes(&self) -> std::option::Option<&[crate::model::CustomAttribute]> {
self.custom_attributes.as_deref()
}
}
/// See [`Asn1Subject`](crate::model::Asn1Subject).
pub mod asn1_subject {
/// A builder for [`Asn1Subject`](crate::model::Asn1Subject).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) country: std::option::Option<std::string::String>,
pub(crate) organization: std::option::Option<std::string::String>,
pub(crate) organizational_unit: std::option::Option<std::string::String>,
pub(crate) distinguished_name_qualifier: std::option::Option<std::string::String>,
pub(crate) state: std::option::Option<std::string::String>,
pub(crate) common_name: std::option::Option<std::string::String>,
pub(crate) serial_number: std::option::Option<std::string::String>,
pub(crate) locality: std::option::Option<std::string::String>,
pub(crate) title: std::option::Option<std::string::String>,
pub(crate) surname: std::option::Option<std::string::String>,
pub(crate) given_name: std::option::Option<std::string::String>,
pub(crate) initials: std::option::Option<std::string::String>,
pub(crate) pseudonym: std::option::Option<std::string::String>,
pub(crate) generation_qualifier: std::option::Option<std::string::String>,
pub(crate) custom_attributes:
std::option::Option<std::vec::Vec<crate::model::CustomAttribute>>,
}
impl Builder {
/// <p>Two-digit code that specifies the country in which the certificate subject located.</p>
pub fn country(mut self, input: impl Into<std::string::String>) -> Self {
self.country = Some(input.into());
self
}
/// <p>Two-digit code that specifies the country in which the certificate subject located.</p>
pub fn set_country(mut self, input: std::option::Option<std::string::String>) -> Self {
self.country = input;
self
}
/// <p>Legal name of the organization with which the certificate subject is affiliated. </p>
pub fn organization(mut self, input: impl Into<std::string::String>) -> Self {
self.organization = Some(input.into());
self
}
/// <p>Legal name of the organization with which the certificate subject is affiliated. </p>
pub fn set_organization(mut self, input: std::option::Option<std::string::String>) -> Self {
self.organization = input;
self
}
/// <p>A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.</p>
pub fn organizational_unit(mut self, input: impl Into<std::string::String>) -> Self {
self.organizational_unit = Some(input.into());
self
}
/// <p>A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.</p>
pub fn set_organizational_unit(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.organizational_unit = input;
self
}
/// <p>Disambiguating information for the certificate subject.</p>
pub fn distinguished_name_qualifier(
mut self,
input: impl Into<std::string::String>,
) -> Self {
self.distinguished_name_qualifier = Some(input.into());
self
}
/// <p>Disambiguating information for the certificate subject.</p>
pub fn set_distinguished_name_qualifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.distinguished_name_qualifier = input;
self
}
/// <p>State in which the subject of the certificate is located.</p>
pub fn state(mut self, input: impl Into<std::string::String>) -> Self {
self.state = Some(input.into());
self
}
/// <p>State in which the subject of the certificate is located.</p>
pub fn set_state(mut self, input: std::option::Option<std::string::String>) -> Self {
self.state = input;
self
}
/// <p>For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit. </p>
/// <p>Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.</p>
pub fn common_name(mut self, input: impl Into<std::string::String>) -> Self {
self.common_name = Some(input.into());
self
}
/// <p>For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit. </p>
/// <p>Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.</p>
pub fn set_common_name(mut self, input: std::option::Option<std::string::String>) -> Self {
self.common_name = input;
self
}
/// <p>The certificate serial number.</p>
pub fn serial_number(mut self, input: impl Into<std::string::String>) -> Self {
self.serial_number = Some(input.into());
self
}
/// <p>The certificate serial number.</p>
pub fn set_serial_number(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.serial_number = input;
self
}
/// <p>The locality (such as a city or town) in which the certificate subject is located.</p>
pub fn locality(mut self, input: impl Into<std::string::String>) -> Self {
self.locality = Some(input.into());
self
}
/// <p>The locality (such as a city or town) in which the certificate subject is located.</p>
pub fn set_locality(mut self, input: std::option::Option<std::string::String>) -> Self {
self.locality = input;
self
}
/// <p>A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.</p>
pub fn title(mut self, input: impl Into<std::string::String>) -> Self {
self.title = Some(input.into());
self
}
/// <p>A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.</p>
pub fn set_title(mut self, input: std::option::Option<std::string::String>) -> Self {
self.title = input;
self
}
/// <p>Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.</p>
pub fn surname(mut self, input: impl Into<std::string::String>) -> Self {
self.surname = Some(input.into());
self
}
/// <p>Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.</p>
pub fn set_surname(mut self, input: std::option::Option<std::string::String>) -> Self {
self.surname = input;
self
}
/// <p>First name.</p>
pub fn given_name(mut self, input: impl Into<std::string::String>) -> Self {
self.given_name = Some(input.into());
self
}
/// <p>First name.</p>
pub fn set_given_name(mut self, input: std::option::Option<std::string::String>) -> Self {
self.given_name = input;
self
}
/// <p>Concatenation that typically contains the first letter of the <b>GivenName</b>, the first letter of the middle name if one exists, and the first letter of the <b>Surname</b>.</p>
pub fn initials(mut self, input: impl Into<std::string::String>) -> Self {
self.initials = Some(input.into());
self
}
/// <p>Concatenation that typically contains the first letter of the <b>GivenName</b>, the first letter of the middle name if one exists, and the first letter of the <b>Surname</b>.</p>
pub fn set_initials(mut self, input: std::option::Option<std::string::String>) -> Self {
self.initials = input;
self
}
/// <p>Typically a shortened version of a longer <b>GivenName</b>. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.</p>
pub fn pseudonym(mut self, input: impl Into<std::string::String>) -> Self {
self.pseudonym = Some(input.into());
self
}
/// <p>Typically a shortened version of a longer <b>GivenName</b>. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.</p>
pub fn set_pseudonym(mut self, input: std::option::Option<std::string::String>) -> Self {
self.pseudonym = input;
self
}
/// <p>Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.</p>
pub fn generation_qualifier(mut self, input: impl Into<std::string::String>) -> Self {
self.generation_qualifier = Some(input.into());
self
}
/// <p>Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.</p>
pub fn set_generation_qualifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.generation_qualifier = input;
self
}
/// Appends an item to `custom_attributes`.
///
/// To override the contents of this collection use [`set_custom_attributes`](Self::set_custom_attributes).
///
/// <p></p>
/// <p>Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p> <note>
/// <p>Custom attributes cannot be used in combination with standard attributes.</p>
/// </note>
pub fn custom_attributes(mut self, input: crate::model::CustomAttribute) -> Self {
let mut v = self.custom_attributes.unwrap_or_default();
v.push(input);
self.custom_attributes = Some(v);
self
}
/// <p></p>
/// <p>Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p> <note>
/// <p>Custom attributes cannot be used in combination with standard attributes.</p>
/// </note>
pub fn set_custom_attributes(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::CustomAttribute>>,
) -> Self {
self.custom_attributes = input;
self
}
/// Consumes the builder and constructs a [`Asn1Subject`](crate::model::Asn1Subject).
pub fn build(self) -> crate::model::Asn1Subject {
crate::model::Asn1Subject {
country: self.country,
organization: self.organization,
organizational_unit: self.organizational_unit,
distinguished_name_qualifier: self.distinguished_name_qualifier,
state: self.state,
common_name: self.common_name,
serial_number: self.serial_number,
locality: self.locality,
title: self.title,
surname: self.surname,
given_name: self.given_name,
initials: self.initials,
pseudonym: self.pseudonym,
generation_qualifier: self.generation_qualifier,
custom_attributes: self.custom_attributes,
}
}
}
}
impl Asn1Subject {
/// Creates a new builder-style object to manufacture [`Asn1Subject`](crate::model::Asn1Subject).
pub fn builder() -> crate::model::asn1_subject::Builder {
crate::model::asn1_subject::Builder::default()
}
}
/// <p>Defines the X.500 relative distinguished name (RDN).</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct CustomAttribute {
/// <p>Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN).</p>
#[doc(hidden)]
pub object_identifier: std::option::Option<std::string::String>,
/// <p></p>
/// <p>Specifies the attribute value of relative distinguished name (RDN).</p>
#[doc(hidden)]
pub value: std::option::Option<std::string::String>,
}
impl CustomAttribute {
/// <p>Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN).</p>
pub fn object_identifier(&self) -> std::option::Option<&str> {
self.object_identifier.as_deref()
}
/// <p></p>
/// <p>Specifies the attribute value of relative distinguished name (RDN).</p>
pub fn value(&self) -> std::option::Option<&str> {
self.value.as_deref()
}
}
/// See [`CustomAttribute`](crate::model::CustomAttribute).
pub mod custom_attribute {
/// A builder for [`CustomAttribute`](crate::model::CustomAttribute).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) object_identifier: std::option::Option<std::string::String>,
pub(crate) value: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN).</p>
pub fn object_identifier(mut self, input: impl Into<std::string::String>) -> Self {
self.object_identifier = Some(input.into());
self
}
/// <p>Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN).</p>
pub fn set_object_identifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.object_identifier = input;
self
}
/// <p></p>
/// <p>Specifies the attribute value of relative distinguished name (RDN).</p>
pub fn value(mut self, input: impl Into<std::string::String>) -> Self {
self.value = Some(input.into());
self
}
/// <p></p>
/// <p>Specifies the attribute value of relative distinguished name (RDN).</p>
pub fn set_value(mut self, input: std::option::Option<std::string::String>) -> Self {
self.value = input;
self
}
/// Consumes the builder and constructs a [`CustomAttribute`](crate::model::CustomAttribute).
pub fn build(self) -> crate::model::CustomAttribute {
crate::model::CustomAttribute {
object_identifier: self.object_identifier,
value: self.value,
}
}
}
}
impl CustomAttribute {
/// Creates a new builder-style object to manufacture [`CustomAttribute`](crate::model::CustomAttribute).
pub fn builder() -> crate::model::custom_attribute::Builder {
crate::model::custom_attribute::Builder::default()
}
}
/// <p>Defines a custom ASN.1 X.400 <code>GeneralName</code> using an object identifier (OID) and value. The OID must satisfy the regular expression shown below. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct OtherName {
/// <p>Specifies an OID. </p>
#[doc(hidden)]
pub type_id: std::option::Option<std::string::String>,
/// <p>Specifies an OID value.</p>
#[doc(hidden)]
pub value: std::option::Option<std::string::String>,
}
impl OtherName {
/// <p>Specifies an OID. </p>
pub fn type_id(&self) -> std::option::Option<&str> {
self.type_id.as_deref()
}
/// <p>Specifies an OID value.</p>
pub fn value(&self) -> std::option::Option<&str> {
self.value.as_deref()
}
}
/// See [`OtherName`](crate::model::OtherName).
pub mod other_name {
/// A builder for [`OtherName`](crate::model::OtherName).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) type_id: std::option::Option<std::string::String>,
pub(crate) value: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Specifies an OID. </p>
pub fn type_id(mut self, input: impl Into<std::string::String>) -> Self {
self.type_id = Some(input.into());
self
}
/// <p>Specifies an OID. </p>
pub fn set_type_id(mut self, input: std::option::Option<std::string::String>) -> Self {
self.type_id = input;
self
}
/// <p>Specifies an OID value.</p>
pub fn value(mut self, input: impl Into<std::string::String>) -> Self {
self.value = Some(input.into());
self
}
/// <p>Specifies an OID value.</p>
pub fn set_value(mut self, input: std::option::Option<std::string::String>) -> Self {
self.value = input;
self
}
/// Consumes the builder and constructs a [`OtherName`](crate::model::OtherName).
pub fn build(self) -> crate::model::OtherName {
crate::model::OtherName {
type_id: self.type_id,
value: self.value,
}
}
}
}
impl OtherName {
/// Creates a new builder-style object to manufacture [`OtherName`](crate::model::OtherName).
pub fn builder() -> crate::model::other_name::Builder {
crate::model::other_name::Builder::default()
}
}
/// <p>Describes the type and format of extension access. Only one of <code>CustomObjectIdentifier</code> or <code>AccessMethodType</code> may be provided. Providing both results in <code>InvalidArgsException</code>.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct AccessMethod {
/// <p>An object identifier (OID) specifying the <code>AccessMethod</code>. The OID must satisfy the regular expression shown below. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
#[doc(hidden)]
pub custom_object_identifier: std::option::Option<std::string::String>,
/// <p>Specifies the <code>AccessMethod</code>.</p>
#[doc(hidden)]
pub access_method_type: std::option::Option<crate::model::AccessMethodType>,
}
impl AccessMethod {
/// <p>An object identifier (OID) specifying the <code>AccessMethod</code>. The OID must satisfy the regular expression shown below. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
pub fn custom_object_identifier(&self) -> std::option::Option<&str> {
self.custom_object_identifier.as_deref()
}
/// <p>Specifies the <code>AccessMethod</code>.</p>
pub fn access_method_type(&self) -> std::option::Option<&crate::model::AccessMethodType> {
self.access_method_type.as_ref()
}
}
/// See [`AccessMethod`](crate::model::AccessMethod).
pub mod access_method {
/// A builder for [`AccessMethod`](crate::model::AccessMethod).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) custom_object_identifier: std::option::Option<std::string::String>,
pub(crate) access_method_type: std::option::Option<crate::model::AccessMethodType>,
}
impl Builder {
/// <p>An object identifier (OID) specifying the <code>AccessMethod</code>. The OID must satisfy the regular expression shown below. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
pub fn custom_object_identifier(mut self, input: impl Into<std::string::String>) -> Self {
self.custom_object_identifier = Some(input.into());
self
}
/// <p>An object identifier (OID) specifying the <code>AccessMethod</code>. The OID must satisfy the regular expression shown below. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
pub fn set_custom_object_identifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.custom_object_identifier = input;
self
}
/// <p>Specifies the <code>AccessMethod</code>.</p>
pub fn access_method_type(mut self, input: crate::model::AccessMethodType) -> Self {
self.access_method_type = Some(input);
self
}
/// <p>Specifies the <code>AccessMethod</code>.</p>
pub fn set_access_method_type(
mut self,
input: std::option::Option<crate::model::AccessMethodType>,
) -> Self {
self.access_method_type = input;
self
}
/// Consumes the builder and constructs a [`AccessMethod`](crate::model::AccessMethod).
pub fn build(self) -> crate::model::AccessMethod {
crate::model::AccessMethod {
custom_object_identifier: self.custom_object_identifier,
access_method_type: self.access_method_type,
}
}
}
}
impl AccessMethod {
/// Creates a new builder-style object to manufacture [`AccessMethod`](crate::model::AccessMethod).
pub fn builder() -> crate::model::access_method::Builder {
crate::model::access_method::Builder::default()
}
}
/// When writing a match expression against `AccessMethodType`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let accessmethodtype = unimplemented!();
/// match accessmethodtype {
/// AccessMethodType::CaRepository => { /* ... */ },
/// AccessMethodType::ResourcePkiManifest => { /* ... */ },
/// AccessMethodType::ResourcePkiNotify => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `accessmethodtype` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `AccessMethodType::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `AccessMethodType::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `AccessMethodType::NewFeature` is defined.
/// Specifically, when `accessmethodtype` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `AccessMethodType::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum AccessMethodType {
#[allow(missing_docs)] // documentation missing in model
CaRepository,
#[allow(missing_docs)] // documentation missing in model
ResourcePkiManifest,
#[allow(missing_docs)] // documentation missing in model
ResourcePkiNotify,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for AccessMethodType {
fn from(s: &str) -> Self {
match s {
"CA_REPOSITORY" => AccessMethodType::CaRepository,
"RESOURCE_PKI_MANIFEST" => AccessMethodType::ResourcePkiManifest,
"RESOURCE_PKI_NOTIFY" => AccessMethodType::ResourcePkiNotify,
other => AccessMethodType::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for AccessMethodType {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(AccessMethodType::from(s))
}
}
impl AccessMethodType {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
AccessMethodType::CaRepository => "CA_REPOSITORY",
AccessMethodType::ResourcePkiManifest => "RESOURCE_PKI_MANIFEST",
AccessMethodType::ResourcePkiNotify => "RESOURCE_PKI_NOTIFY",
AccessMethodType::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&[
"CA_REPOSITORY",
"RESOURCE_PKI_MANIFEST",
"RESOURCE_PKI_NOTIFY",
]
}
}
impl AsRef<str> for AccessMethodType {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct KeyUsage {
/// <p> Key can be used for digital signing.</p>
#[doc(hidden)]
pub digital_signature: bool,
/// <p>Key can be used for non-repudiation.</p>
#[doc(hidden)]
pub non_repudiation: bool,
/// <p>Key can be used to encipher data.</p>
#[doc(hidden)]
pub key_encipherment: bool,
/// <p>Key can be used to decipher data.</p>
#[doc(hidden)]
pub data_encipherment: bool,
/// <p>Key can be used in a key-agreement protocol.</p>
#[doc(hidden)]
pub key_agreement: bool,
/// <p>Key can be used to sign certificates.</p>
#[doc(hidden)]
pub key_cert_sign: bool,
/// <p>Key can be used to sign CRLs.</p>
#[doc(hidden)]
pub crl_sign: bool,
/// <p>Key can be used only to encipher data.</p>
#[doc(hidden)]
pub encipher_only: bool,
/// <p>Key can be used only to decipher data.</p>
#[doc(hidden)]
pub decipher_only: bool,
}
impl KeyUsage {
/// <p> Key can be used for digital signing.</p>
pub fn digital_signature(&self) -> bool {
self.digital_signature
}
/// <p>Key can be used for non-repudiation.</p>
pub fn non_repudiation(&self) -> bool {
self.non_repudiation
}
/// <p>Key can be used to encipher data.</p>
pub fn key_encipherment(&self) -> bool {
self.key_encipherment
}
/// <p>Key can be used to decipher data.</p>
pub fn data_encipherment(&self) -> bool {
self.data_encipherment
}
/// <p>Key can be used in a key-agreement protocol.</p>
pub fn key_agreement(&self) -> bool {
self.key_agreement
}
/// <p>Key can be used to sign certificates.</p>
pub fn key_cert_sign(&self) -> bool {
self.key_cert_sign
}
/// <p>Key can be used to sign CRLs.</p>
pub fn crl_sign(&self) -> bool {
self.crl_sign
}
/// <p>Key can be used only to encipher data.</p>
pub fn encipher_only(&self) -> bool {
self.encipher_only
}
/// <p>Key can be used only to decipher data.</p>
pub fn decipher_only(&self) -> bool {
self.decipher_only
}
}
/// See [`KeyUsage`](crate::model::KeyUsage).
pub mod key_usage {
/// A builder for [`KeyUsage`](crate::model::KeyUsage).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) digital_signature: std::option::Option<bool>,
pub(crate) non_repudiation: std::option::Option<bool>,
pub(crate) key_encipherment: std::option::Option<bool>,
pub(crate) data_encipherment: std::option::Option<bool>,
pub(crate) key_agreement: std::option::Option<bool>,
pub(crate) key_cert_sign: std::option::Option<bool>,
pub(crate) crl_sign: std::option::Option<bool>,
pub(crate) encipher_only: std::option::Option<bool>,
pub(crate) decipher_only: std::option::Option<bool>,
}
impl Builder {
/// <p> Key can be used for digital signing.</p>
pub fn digital_signature(mut self, input: bool) -> Self {
self.digital_signature = Some(input);
self
}
/// <p> Key can be used for digital signing.</p>
pub fn set_digital_signature(mut self, input: std::option::Option<bool>) -> Self {
self.digital_signature = input;
self
}
/// <p>Key can be used for non-repudiation.</p>
pub fn non_repudiation(mut self, input: bool) -> Self {
self.non_repudiation = Some(input);
self
}
/// <p>Key can be used for non-repudiation.</p>
pub fn set_non_repudiation(mut self, input: std::option::Option<bool>) -> Self {
self.non_repudiation = input;
self
}
/// <p>Key can be used to encipher data.</p>
pub fn key_encipherment(mut self, input: bool) -> Self {
self.key_encipherment = Some(input);
self
}
/// <p>Key can be used to encipher data.</p>
pub fn set_key_encipherment(mut self, input: std::option::Option<bool>) -> Self {
self.key_encipherment = input;
self
}
/// <p>Key can be used to decipher data.</p>
pub fn data_encipherment(mut self, input: bool) -> Self {
self.data_encipherment = Some(input);
self
}
/// <p>Key can be used to decipher data.</p>
pub fn set_data_encipherment(mut self, input: std::option::Option<bool>) -> Self {
self.data_encipherment = input;
self
}
/// <p>Key can be used in a key-agreement protocol.</p>
pub fn key_agreement(mut self, input: bool) -> Self {
self.key_agreement = Some(input);
self
}
/// <p>Key can be used in a key-agreement protocol.</p>
pub fn set_key_agreement(mut self, input: std::option::Option<bool>) -> Self {
self.key_agreement = input;
self
}
/// <p>Key can be used to sign certificates.</p>
pub fn key_cert_sign(mut self, input: bool) -> Self {
self.key_cert_sign = Some(input);
self
}
/// <p>Key can be used to sign certificates.</p>
pub fn set_key_cert_sign(mut self, input: std::option::Option<bool>) -> Self {
self.key_cert_sign = input;
self
}
/// <p>Key can be used to sign CRLs.</p>
pub fn crl_sign(mut self, input: bool) -> Self {
self.crl_sign = Some(input);
self
}
/// <p>Key can be used to sign CRLs.</p>
pub fn set_crl_sign(mut self, input: std::option::Option<bool>) -> Self {
self.crl_sign = input;
self
}
/// <p>Key can be used only to encipher data.</p>
pub fn encipher_only(mut self, input: bool) -> Self {
self.encipher_only = Some(input);
self
}
/// <p>Key can be used only to encipher data.</p>
pub fn set_encipher_only(mut self, input: std::option::Option<bool>) -> Self {
self.encipher_only = input;
self
}
/// <p>Key can be used only to decipher data.</p>
pub fn decipher_only(mut self, input: bool) -> Self {
self.decipher_only = Some(input);
self
}
/// <p>Key can be used only to decipher data.</p>
pub fn set_decipher_only(mut self, input: std::option::Option<bool>) -> Self {
self.decipher_only = input;
self
}
/// Consumes the builder and constructs a [`KeyUsage`](crate::model::KeyUsage).
pub fn build(self) -> crate::model::KeyUsage {
crate::model::KeyUsage {
digital_signature: self.digital_signature.unwrap_or_default(),
non_repudiation: self.non_repudiation.unwrap_or_default(),
key_encipherment: self.key_encipherment.unwrap_or_default(),
data_encipherment: self.data_encipherment.unwrap_or_default(),
key_agreement: self.key_agreement.unwrap_or_default(),
key_cert_sign: self.key_cert_sign.unwrap_or_default(),
crl_sign: self.crl_sign.unwrap_or_default(),
encipher_only: self.encipher_only.unwrap_or_default(),
decipher_only: self.decipher_only.unwrap_or_default(),
}
}
}
}
impl KeyUsage {
/// Creates a new builder-style object to manufacture [`KeyUsage`](crate::model::KeyUsage).
pub fn builder() -> crate::model::key_usage::Builder {
crate::model::key_usage::Builder::default()
}
}
/// When writing a match expression against `SigningAlgorithm`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let signingalgorithm = unimplemented!();
/// match signingalgorithm {
/// SigningAlgorithm::Sha256Withecdsa => { /* ... */ },
/// SigningAlgorithm::Sha256Withrsa => { /* ... */ },
/// SigningAlgorithm::Sha384Withecdsa => { /* ... */ },
/// SigningAlgorithm::Sha384Withrsa => { /* ... */ },
/// SigningAlgorithm::Sha512Withecdsa => { /* ... */ },
/// SigningAlgorithm::Sha512Withrsa => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `signingalgorithm` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `SigningAlgorithm::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `SigningAlgorithm::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `SigningAlgorithm::NewFeature` is defined.
/// Specifically, when `signingalgorithm` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `SigningAlgorithm::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum SigningAlgorithm {
#[allow(missing_docs)] // documentation missing in model
Sha256Withecdsa,
#[allow(missing_docs)] // documentation missing in model
Sha256Withrsa,
#[allow(missing_docs)] // documentation missing in model
Sha384Withecdsa,
#[allow(missing_docs)] // documentation missing in model
Sha384Withrsa,
#[allow(missing_docs)] // documentation missing in model
Sha512Withecdsa,
#[allow(missing_docs)] // documentation missing in model
Sha512Withrsa,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for SigningAlgorithm {
fn from(s: &str) -> Self {
match s {
"SHA256WITHECDSA" => SigningAlgorithm::Sha256Withecdsa,
"SHA256WITHRSA" => SigningAlgorithm::Sha256Withrsa,
"SHA384WITHECDSA" => SigningAlgorithm::Sha384Withecdsa,
"SHA384WITHRSA" => SigningAlgorithm::Sha384Withrsa,
"SHA512WITHECDSA" => SigningAlgorithm::Sha512Withecdsa,
"SHA512WITHRSA" => SigningAlgorithm::Sha512Withrsa,
other => SigningAlgorithm::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for SigningAlgorithm {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(SigningAlgorithm::from(s))
}
}
impl SigningAlgorithm {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
SigningAlgorithm::Sha256Withecdsa => "SHA256WITHECDSA",
SigningAlgorithm::Sha256Withrsa => "SHA256WITHRSA",
SigningAlgorithm::Sha384Withecdsa => "SHA384WITHECDSA",
SigningAlgorithm::Sha384Withrsa => "SHA384WITHRSA",
SigningAlgorithm::Sha512Withecdsa => "SHA512WITHECDSA",
SigningAlgorithm::Sha512Withrsa => "SHA512WITHRSA",
SigningAlgorithm::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&[
"SHA256WITHECDSA",
"SHA256WITHRSA",
"SHA384WITHECDSA",
"SHA384WITHRSA",
"SHA512WITHECDSA",
"SHA512WITHRSA",
]
}
}
impl AsRef<str> for SigningAlgorithm {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `KeyAlgorithm`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let keyalgorithm = unimplemented!();
/// match keyalgorithm {
/// KeyAlgorithm::EcPrime256v1 => { /* ... */ },
/// KeyAlgorithm::EcSecp384r1 => { /* ... */ },
/// KeyAlgorithm::Rsa2048 => { /* ... */ },
/// KeyAlgorithm::Rsa4096 => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `keyalgorithm` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `KeyAlgorithm::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `KeyAlgorithm::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `KeyAlgorithm::NewFeature` is defined.
/// Specifically, when `keyalgorithm` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `KeyAlgorithm::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum KeyAlgorithm {
#[allow(missing_docs)] // documentation missing in model
EcPrime256v1,
#[allow(missing_docs)] // documentation missing in model
EcSecp384r1,
#[allow(missing_docs)] // documentation missing in model
Rsa2048,
#[allow(missing_docs)] // documentation missing in model
Rsa4096,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for KeyAlgorithm {
fn from(s: &str) -> Self {
match s {
"EC_prime256v1" => KeyAlgorithm::EcPrime256v1,
"EC_secp384r1" => KeyAlgorithm::EcSecp384r1,
"RSA_2048" => KeyAlgorithm::Rsa2048,
"RSA_4096" => KeyAlgorithm::Rsa4096,
other => KeyAlgorithm::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for KeyAlgorithm {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(KeyAlgorithm::from(s))
}
}
impl KeyAlgorithm {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
KeyAlgorithm::EcPrime256v1 => "EC_prime256v1",
KeyAlgorithm::EcSecp384r1 => "EC_secp384r1",
KeyAlgorithm::Rsa2048 => "RSA_2048",
KeyAlgorithm::Rsa4096 => "RSA_4096",
KeyAlgorithm::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["EC_prime256v1", "EC_secp384r1", "RSA_2048", "RSA_4096"]
}
}
impl AsRef<str> for KeyAlgorithm {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `FailureReason`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let failurereason = unimplemented!();
/// match failurereason {
/// FailureReason::Other => { /* ... */ },
/// FailureReason::RequestTimedOut => { /* ... */ },
/// FailureReason::UnsupportedAlgorithm => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `failurereason` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `FailureReason::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `FailureReason::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `FailureReason::NewFeature` is defined.
/// Specifically, when `failurereason` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `FailureReason::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum FailureReason {
#[allow(missing_docs)] // documentation missing in model
Other,
#[allow(missing_docs)] // documentation missing in model
RequestTimedOut,
#[allow(missing_docs)] // documentation missing in model
UnsupportedAlgorithm,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for FailureReason {
fn from(s: &str) -> Self {
match s {
"OTHER" => FailureReason::Other,
"REQUEST_TIMED_OUT" => FailureReason::RequestTimedOut,
"UNSUPPORTED_ALGORITHM" => FailureReason::UnsupportedAlgorithm,
other => FailureReason::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for FailureReason {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(FailureReason::from(s))
}
}
impl FailureReason {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
FailureReason::Other => "OTHER",
FailureReason::RequestTimedOut => "REQUEST_TIMED_OUT",
FailureReason::UnsupportedAlgorithm => "UNSUPPORTED_ALGORITHM",
FailureReason::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["OTHER", "REQUEST_TIMED_OUT", "UNSUPPORTED_ALGORITHM"]
}
}
impl AsRef<str> for FailureReason {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `CertificateAuthorityType`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let certificateauthoritytype = unimplemented!();
/// match certificateauthoritytype {
/// CertificateAuthorityType::Root => { /* ... */ },
/// CertificateAuthorityType::Subordinate => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `certificateauthoritytype` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `CertificateAuthorityType::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `CertificateAuthorityType::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `CertificateAuthorityType::NewFeature` is defined.
/// Specifically, when `certificateauthoritytype` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `CertificateAuthorityType::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum CertificateAuthorityType {
#[allow(missing_docs)] // documentation missing in model
Root,
#[allow(missing_docs)] // documentation missing in model
Subordinate,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for CertificateAuthorityType {
fn from(s: &str) -> Self {
match s {
"ROOT" => CertificateAuthorityType::Root,
"SUBORDINATE" => CertificateAuthorityType::Subordinate,
other => CertificateAuthorityType::Unknown(crate::types::UnknownVariantValue(
other.to_owned(),
)),
}
}
}
impl std::str::FromStr for CertificateAuthorityType {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(CertificateAuthorityType::from(s))
}
}
impl CertificateAuthorityType {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
CertificateAuthorityType::Root => "ROOT",
CertificateAuthorityType::Subordinate => "SUBORDINATE",
CertificateAuthorityType::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["ROOT", "SUBORDINATE"]
}
}
impl AsRef<str> for CertificateAuthorityType {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `ResourceOwner`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let resourceowner = unimplemented!();
/// match resourceowner {
/// ResourceOwner::OtherAccounts => { /* ... */ },
/// ResourceOwner::SelfValue => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `resourceowner` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `ResourceOwner::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `ResourceOwner::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `ResourceOwner::NewFeature` is defined.
/// Specifically, when `resourceowner` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `ResourceOwner::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
/// _Note: `ResourceOwner::Self` has been renamed to `::SelfValue`._
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum ResourceOwner {
#[allow(missing_docs)] // documentation missing in model
OtherAccounts,
/// _Note: `::Self` has been renamed to `::SelfValue`._
SelfValue,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for ResourceOwner {
fn from(s: &str) -> Self {
match s {
"OTHER_ACCOUNTS" => ResourceOwner::OtherAccounts,
"SELF" => ResourceOwner::SelfValue,
other => ResourceOwner::Unknown(crate::types::UnknownVariantValue(other.to_owned())),
}
}
}
impl std::str::FromStr for ResourceOwner {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(ResourceOwner::from(s))
}
}
impl ResourceOwner {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
ResourceOwner::OtherAccounts => "OTHER_ACCOUNTS",
ResourceOwner::SelfValue => "SELF",
ResourceOwner::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["OTHER_ACCOUNTS", "SELF"]
}
}
impl AsRef<str> for ResourceOwner {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Validity specifies the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the validity of a certificate starts or expires, or as a span of time after issuance, stated in days, months, or years. For more information, see <a href="https://tools.ietf.org/html/rfc5280#section-4.1.2.5">Validity</a> in RFC 5280.</p>
/// <p>Amazon Web Services Private CA API consumes the <code>Validity</code> data type differently in two distinct parameters of the <code>IssueCertificate</code> action. The required parameter <code>IssueCertificate</code>:<code>Validity</code> specifies the end of a certificate's validity period. The optional parameter <code>IssueCertificate</code>:<code>ValidityNotBefore</code> specifies a customized starting time for the validity period.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct Validity {
/// <p>A long integer interpreted according to the value of <code>Type</code>, below.</p>
#[doc(hidden)]
pub value: std::option::Option<i64>,
/// <p>Determines how <i>Amazon Web Services Private CA</i> interprets the <code>Value</code> parameter, an integer. Supported validity types include those listed below. Type definitions with values include a sample input value and the resulting output. </p>
/// <p> <code>END_DATE</code>: The specific date and time when the certificate will expire, expressed using UTCTime (YYMMDDHHMMSS) or GeneralizedTime (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field (YY) is greater than or equal to 50, the year is interpreted as 19YY. If the year field is less than 50, the year is interpreted as 20YY.</p>
/// <ul>
/// <li> <p>Sample input value: 491231235959 (UTCTime format)</p> </li>
/// <li> <p>Output expiration date/time: 12/31/2049 23:59:59</p> </li>
/// </ul>
/// <p> <code>ABSOLUTE</code>: The specific date and time when the validity of a certificate will start or expire, expressed in seconds since the Unix Epoch. </p>
/// <ul>
/// <li> <p>Sample input value: 2524608000</p> </li>
/// <li> <p>Output expiration date/time: 01/01/2050 00:00:00</p> </li>
/// </ul>
/// <p> <code>DAYS</code>, <code>MONTHS</code>, <code>YEARS</code>: The relative time from the moment of issuance until the certificate will expire, expressed in days, months, or years. </p>
/// <p>Example if <code>DAYS</code>, issued on 10/12/2020 at 12:34:54 UTC:</p>
/// <ul>
/// <li> <p>Sample input value: 90</p> </li>
/// <li> <p>Output expiration date: 01/10/2020 12:34:54 UTC</p> </li>
/// </ul>
/// <p>The minimum validity duration for a certificate using relative time (<code>DAYS</code>) is one day. The minimum validity for a certificate using absolute time (<code>ABSOLUTE</code> or <code>END_DATE</code>) is one second.</p>
#[doc(hidden)]
pub r#type: std::option::Option<crate::model::ValidityPeriodType>,
}
impl Validity {
/// <p>A long integer interpreted according to the value of <code>Type</code>, below.</p>
pub fn value(&self) -> std::option::Option<i64> {
self.value
}
/// <p>Determines how <i>Amazon Web Services Private CA</i> interprets the <code>Value</code> parameter, an integer. Supported validity types include those listed below. Type definitions with values include a sample input value and the resulting output. </p>
/// <p> <code>END_DATE</code>: The specific date and time when the certificate will expire, expressed using UTCTime (YYMMDDHHMMSS) or GeneralizedTime (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field (YY) is greater than or equal to 50, the year is interpreted as 19YY. If the year field is less than 50, the year is interpreted as 20YY.</p>
/// <ul>
/// <li> <p>Sample input value: 491231235959 (UTCTime format)</p> </li>
/// <li> <p>Output expiration date/time: 12/31/2049 23:59:59</p> </li>
/// </ul>
/// <p> <code>ABSOLUTE</code>: The specific date and time when the validity of a certificate will start or expire, expressed in seconds since the Unix Epoch. </p>
/// <ul>
/// <li> <p>Sample input value: 2524608000</p> </li>
/// <li> <p>Output expiration date/time: 01/01/2050 00:00:00</p> </li>
/// </ul>
/// <p> <code>DAYS</code>, <code>MONTHS</code>, <code>YEARS</code>: The relative time from the moment of issuance until the certificate will expire, expressed in days, months, or years. </p>
/// <p>Example if <code>DAYS</code>, issued on 10/12/2020 at 12:34:54 UTC:</p>
/// <ul>
/// <li> <p>Sample input value: 90</p> </li>
/// <li> <p>Output expiration date: 01/10/2020 12:34:54 UTC</p> </li>
/// </ul>
/// <p>The minimum validity duration for a certificate using relative time (<code>DAYS</code>) is one day. The minimum validity for a certificate using absolute time (<code>ABSOLUTE</code> or <code>END_DATE</code>) is one second.</p>
pub fn r#type(&self) -> std::option::Option<&crate::model::ValidityPeriodType> {
self.r#type.as_ref()
}
}
/// See [`Validity`](crate::model::Validity).
pub mod validity {
/// A builder for [`Validity`](crate::model::Validity).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) value: std::option::Option<i64>,
pub(crate) r#type: std::option::Option<crate::model::ValidityPeriodType>,
}
impl Builder {
/// <p>A long integer interpreted according to the value of <code>Type</code>, below.</p>
pub fn value(mut self, input: i64) -> Self {
self.value = Some(input);
self
}
/// <p>A long integer interpreted according to the value of <code>Type</code>, below.</p>
pub fn set_value(mut self, input: std::option::Option<i64>) -> Self {
self.value = input;
self
}
/// <p>Determines how <i>Amazon Web Services Private CA</i> interprets the <code>Value</code> parameter, an integer. Supported validity types include those listed below. Type definitions with values include a sample input value and the resulting output. </p>
/// <p> <code>END_DATE</code>: The specific date and time when the certificate will expire, expressed using UTCTime (YYMMDDHHMMSS) or GeneralizedTime (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field (YY) is greater than or equal to 50, the year is interpreted as 19YY. If the year field is less than 50, the year is interpreted as 20YY.</p>
/// <ul>
/// <li> <p>Sample input value: 491231235959 (UTCTime format)</p> </li>
/// <li> <p>Output expiration date/time: 12/31/2049 23:59:59</p> </li>
/// </ul>
/// <p> <code>ABSOLUTE</code>: The specific date and time when the validity of a certificate will start or expire, expressed in seconds since the Unix Epoch. </p>
/// <ul>
/// <li> <p>Sample input value: 2524608000</p> </li>
/// <li> <p>Output expiration date/time: 01/01/2050 00:00:00</p> </li>
/// </ul>
/// <p> <code>DAYS</code>, <code>MONTHS</code>, <code>YEARS</code>: The relative time from the moment of issuance until the certificate will expire, expressed in days, months, or years. </p>
/// <p>Example if <code>DAYS</code>, issued on 10/12/2020 at 12:34:54 UTC:</p>
/// <ul>
/// <li> <p>Sample input value: 90</p> </li>
/// <li> <p>Output expiration date: 01/10/2020 12:34:54 UTC</p> </li>
/// </ul>
/// <p>The minimum validity duration for a certificate using relative time (<code>DAYS</code>) is one day. The minimum validity for a certificate using absolute time (<code>ABSOLUTE</code> or <code>END_DATE</code>) is one second.</p>
pub fn r#type(mut self, input: crate::model::ValidityPeriodType) -> Self {
self.r#type = Some(input);
self
}
/// <p>Determines how <i>Amazon Web Services Private CA</i> interprets the <code>Value</code> parameter, an integer. Supported validity types include those listed below. Type definitions with values include a sample input value and the resulting output. </p>
/// <p> <code>END_DATE</code>: The specific date and time when the certificate will expire, expressed using UTCTime (YYMMDDHHMMSS) or GeneralizedTime (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field (YY) is greater than or equal to 50, the year is interpreted as 19YY. If the year field is less than 50, the year is interpreted as 20YY.</p>
/// <ul>
/// <li> <p>Sample input value: 491231235959 (UTCTime format)</p> </li>
/// <li> <p>Output expiration date/time: 12/31/2049 23:59:59</p> </li>
/// </ul>
/// <p> <code>ABSOLUTE</code>: The specific date and time when the validity of a certificate will start or expire, expressed in seconds since the Unix Epoch. </p>
/// <ul>
/// <li> <p>Sample input value: 2524608000</p> </li>
/// <li> <p>Output expiration date/time: 01/01/2050 00:00:00</p> </li>
/// </ul>
/// <p> <code>DAYS</code>, <code>MONTHS</code>, <code>YEARS</code>: The relative time from the moment of issuance until the certificate will expire, expressed in days, months, or years. </p>
/// <p>Example if <code>DAYS</code>, issued on 10/12/2020 at 12:34:54 UTC:</p>
/// <ul>
/// <li> <p>Sample input value: 90</p> </li>
/// <li> <p>Output expiration date: 01/10/2020 12:34:54 UTC</p> </li>
/// </ul>
/// <p>The minimum validity duration for a certificate using relative time (<code>DAYS</code>) is one day. The minimum validity for a certificate using absolute time (<code>ABSOLUTE</code> or <code>END_DATE</code>) is one second.</p>
pub fn set_type(
mut self,
input: std::option::Option<crate::model::ValidityPeriodType>,
) -> Self {
self.r#type = input;
self
}
/// Consumes the builder and constructs a [`Validity`](crate::model::Validity).
pub fn build(self) -> crate::model::Validity {
crate::model::Validity {
value: self.value,
r#type: self.r#type,
}
}
}
}
impl Validity {
/// Creates a new builder-style object to manufacture [`Validity`](crate::model::Validity).
pub fn builder() -> crate::model::validity::Builder {
crate::model::validity::Builder::default()
}
}
/// When writing a match expression against `ValidityPeriodType`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let validityperiodtype = unimplemented!();
/// match validityperiodtype {
/// ValidityPeriodType::Absolute => { /* ... */ },
/// ValidityPeriodType::Days => { /* ... */ },
/// ValidityPeriodType::EndDate => { /* ... */ },
/// ValidityPeriodType::Months => { /* ... */ },
/// ValidityPeriodType::Years => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `validityperiodtype` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `ValidityPeriodType::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `ValidityPeriodType::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `ValidityPeriodType::NewFeature` is defined.
/// Specifically, when `validityperiodtype` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `ValidityPeriodType::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum ValidityPeriodType {
#[allow(missing_docs)] // documentation missing in model
Absolute,
#[allow(missing_docs)] // documentation missing in model
Days,
#[allow(missing_docs)] // documentation missing in model
EndDate,
#[allow(missing_docs)] // documentation missing in model
Months,
#[allow(missing_docs)] // documentation missing in model
Years,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for ValidityPeriodType {
fn from(s: &str) -> Self {
match s {
"ABSOLUTE" => ValidityPeriodType::Absolute,
"DAYS" => ValidityPeriodType::Days,
"END_DATE" => ValidityPeriodType::EndDate,
"MONTHS" => ValidityPeriodType::Months,
"YEARS" => ValidityPeriodType::Years,
other => {
ValidityPeriodType::Unknown(crate::types::UnknownVariantValue(other.to_owned()))
}
}
}
}
impl std::str::FromStr for ValidityPeriodType {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(ValidityPeriodType::from(s))
}
}
impl ValidityPeriodType {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
ValidityPeriodType::Absolute => "ABSOLUTE",
ValidityPeriodType::Days => "DAYS",
ValidityPeriodType::EndDate => "END_DATE",
ValidityPeriodType::Months => "MONTHS",
ValidityPeriodType::Years => "YEARS",
ValidityPeriodType::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["ABSOLUTE", "DAYS", "END_DATE", "MONTHS", "YEARS"]
}
}
impl AsRef<str> for ValidityPeriodType {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Contains X.509 certificate information to be placed in an issued certificate. An <code>APIPassthrough</code> or <code>APICSRPassthrough</code> template variant must be selected, or else this parameter is ignored. </p>
/// <p>If conflicting or duplicate certificate information is supplied from other sources, Amazon Web Services Private CA applies <a href="https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#template-order-of-operations">order of operation rules</a> to determine what information is used.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct ApiPassthrough {
/// <p>Specifies X.509 extension information for a certificate.</p>
#[doc(hidden)]
pub extensions: std::option::Option<crate::model::Extensions>,
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
#[doc(hidden)]
pub subject: std::option::Option<crate::model::Asn1Subject>,
}
impl ApiPassthrough {
/// <p>Specifies X.509 extension information for a certificate.</p>
pub fn extensions(&self) -> std::option::Option<&crate::model::Extensions> {
self.extensions.as_ref()
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
pub fn subject(&self) -> std::option::Option<&crate::model::Asn1Subject> {
self.subject.as_ref()
}
}
/// See [`ApiPassthrough`](crate::model::ApiPassthrough).
pub mod api_passthrough {
/// A builder for [`ApiPassthrough`](crate::model::ApiPassthrough).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) extensions: std::option::Option<crate::model::Extensions>,
pub(crate) subject: std::option::Option<crate::model::Asn1Subject>,
}
impl Builder {
/// <p>Specifies X.509 extension information for a certificate.</p>
pub fn extensions(mut self, input: crate::model::Extensions) -> Self {
self.extensions = Some(input);
self
}
/// <p>Specifies X.509 extension information for a certificate.</p>
pub fn set_extensions(
mut self,
input: std::option::Option<crate::model::Extensions>,
) -> Self {
self.extensions = input;
self
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
pub fn subject(mut self, input: crate::model::Asn1Subject) -> Self {
self.subject = Some(input);
self
}
/// <p>Contains information about the certificate subject. The <code>Subject</code> field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The <code>Subject </code>must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.</p>
pub fn set_subject(
mut self,
input: std::option::Option<crate::model::Asn1Subject>,
) -> Self {
self.subject = input;
self
}
/// Consumes the builder and constructs a [`ApiPassthrough`](crate::model::ApiPassthrough).
pub fn build(self) -> crate::model::ApiPassthrough {
crate::model::ApiPassthrough {
extensions: self.extensions,
subject: self.subject,
}
}
}
}
impl ApiPassthrough {
/// Creates a new builder-style object to manufacture [`ApiPassthrough`](crate::model::ApiPassthrough).
pub fn builder() -> crate::model::api_passthrough::Builder {
crate::model::api_passthrough::Builder::default()
}
}
/// <p>Contains X.509 extension information for a certificate.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct Extensions {
/// <p>Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
/// <p>In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.</p>
#[doc(hidden)]
pub certificate_policies: std::option::Option<std::vec::Vec<crate::model::PolicyInformation>>,
/// <p>Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the <code>KeyUsage</code> extension.</p>
#[doc(hidden)]
pub extended_key_usage: std::option::Option<std::vec::Vec<crate::model::ExtendedKeyUsage>>,
/// <p>Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.</p>
#[doc(hidden)]
pub key_usage: std::option::Option<crate::model::KeyUsage>,
/// <p>The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.</p>
#[doc(hidden)]
pub subject_alternative_names: std::option::Option<std::vec::Vec<crate::model::GeneralName>>,
/// <p></p>
/// <p>Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
#[doc(hidden)]
pub custom_extensions: std::option::Option<std::vec::Vec<crate::model::CustomExtension>>,
}
impl Extensions {
/// <p>Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
/// <p>In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.</p>
pub fn certificate_policies(&self) -> std::option::Option<&[crate::model::PolicyInformation]> {
self.certificate_policies.as_deref()
}
/// <p>Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the <code>KeyUsage</code> extension.</p>
pub fn extended_key_usage(&self) -> std::option::Option<&[crate::model::ExtendedKeyUsage]> {
self.extended_key_usage.as_deref()
}
/// <p>Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.</p>
pub fn key_usage(&self) -> std::option::Option<&crate::model::KeyUsage> {
self.key_usage.as_ref()
}
/// <p>The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.</p>
pub fn subject_alternative_names(&self) -> std::option::Option<&[crate::model::GeneralName]> {
self.subject_alternative_names.as_deref()
}
/// <p></p>
/// <p>Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
pub fn custom_extensions(&self) -> std::option::Option<&[crate::model::CustomExtension]> {
self.custom_extensions.as_deref()
}
}
/// See [`Extensions`](crate::model::Extensions).
pub mod extensions {
/// A builder for [`Extensions`](crate::model::Extensions).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) certificate_policies:
std::option::Option<std::vec::Vec<crate::model::PolicyInformation>>,
pub(crate) extended_key_usage:
std::option::Option<std::vec::Vec<crate::model::ExtendedKeyUsage>>,
pub(crate) key_usage: std::option::Option<crate::model::KeyUsage>,
pub(crate) subject_alternative_names:
std::option::Option<std::vec::Vec<crate::model::GeneralName>>,
pub(crate) custom_extensions:
std::option::Option<std::vec::Vec<crate::model::CustomExtension>>,
}
impl Builder {
/// Appends an item to `certificate_policies`.
///
/// To override the contents of this collection use [`set_certificate_policies`](Self::set_certificate_policies).
///
/// <p>Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
/// <p>In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.</p>
pub fn certificate_policies(mut self, input: crate::model::PolicyInformation) -> Self {
let mut v = self.certificate_policies.unwrap_or_default();
v.push(input);
self.certificate_policies = Some(v);
self
}
/// <p>Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
/// <p>In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.</p>
pub fn set_certificate_policies(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::PolicyInformation>>,
) -> Self {
self.certificate_policies = input;
self
}
/// Appends an item to `extended_key_usage`.
///
/// To override the contents of this collection use [`set_extended_key_usage`](Self::set_extended_key_usage).
///
/// <p>Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the <code>KeyUsage</code> extension.</p>
pub fn extended_key_usage(mut self, input: crate::model::ExtendedKeyUsage) -> Self {
let mut v = self.extended_key_usage.unwrap_or_default();
v.push(input);
self.extended_key_usage = Some(v);
self
}
/// <p>Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the <code>KeyUsage</code> extension.</p>
pub fn set_extended_key_usage(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::ExtendedKeyUsage>>,
) -> Self {
self.extended_key_usage = input;
self
}
/// <p>Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.</p>
pub fn key_usage(mut self, input: crate::model::KeyUsage) -> Self {
self.key_usage = Some(input);
self
}
/// <p>Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.</p>
pub fn set_key_usage(mut self, input: std::option::Option<crate::model::KeyUsage>) -> Self {
self.key_usage = input;
self
}
/// Appends an item to `subject_alternative_names`.
///
/// To override the contents of this collection use [`set_subject_alternative_names`](Self::set_subject_alternative_names).
///
/// <p>The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.</p>
pub fn subject_alternative_names(mut self, input: crate::model::GeneralName) -> Self {
let mut v = self.subject_alternative_names.unwrap_or_default();
v.push(input);
self.subject_alternative_names = Some(v);
self
}
/// <p>The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.</p>
pub fn set_subject_alternative_names(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::GeneralName>>,
) -> Self {
self.subject_alternative_names = input;
self
}
/// Appends an item to `custom_extensions`.
///
/// To override the contents of this collection use [`set_custom_extensions`](Self::set_custom_extensions).
///
/// <p></p>
/// <p>Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
pub fn custom_extensions(mut self, input: crate::model::CustomExtension) -> Self {
let mut v = self.custom_extensions.unwrap_or_default();
v.push(input);
self.custom_extensions = Some(v);
self
}
/// <p></p>
/// <p>Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
pub fn set_custom_extensions(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::CustomExtension>>,
) -> Self {
self.custom_extensions = input;
self
}
/// Consumes the builder and constructs a [`Extensions`](crate::model::Extensions).
pub fn build(self) -> crate::model::Extensions {
crate::model::Extensions {
certificate_policies: self.certificate_policies,
extended_key_usage: self.extended_key_usage,
key_usage: self.key_usage,
subject_alternative_names: self.subject_alternative_names,
custom_extensions: self.custom_extensions,
}
}
}
}
impl Extensions {
/// Creates a new builder-style object to manufacture [`Extensions`](crate::model::Extensions).
pub fn builder() -> crate::model::extensions::Builder {
crate::model::extensions::Builder::default()
}
}
/// <p></p>
/// <p>Specifies the X.509 extension information for a certificate.</p>
/// <p>Extensions present in <code>CustomExtensions</code> follow the <code>ApiPassthrough</code> <a href="https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#template-order-of-operations">template rules</a>. </p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct CustomExtension {
/// <p></p>
/// <p>Specifies the object identifier (OID) of the X.509 extension. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
#[doc(hidden)]
pub object_identifier: std::option::Option<std::string::String>,
/// <p></p>
/// <p>Specifies the base64-encoded value of the X.509 extension.</p>
#[doc(hidden)]
pub value: std::option::Option<std::string::String>,
/// <p></p>
/// <p>Specifies the critical flag of the X.509 extension.</p>
#[doc(hidden)]
pub critical: std::option::Option<bool>,
}
impl CustomExtension {
/// <p></p>
/// <p>Specifies the object identifier (OID) of the X.509 extension. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
pub fn object_identifier(&self) -> std::option::Option<&str> {
self.object_identifier.as_deref()
}
/// <p></p>
/// <p>Specifies the base64-encoded value of the X.509 extension.</p>
pub fn value(&self) -> std::option::Option<&str> {
self.value.as_deref()
}
/// <p></p>
/// <p>Specifies the critical flag of the X.509 extension.</p>
pub fn critical(&self) -> std::option::Option<bool> {
self.critical
}
}
/// See [`CustomExtension`](crate::model::CustomExtension).
pub mod custom_extension {
/// A builder for [`CustomExtension`](crate::model::CustomExtension).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) object_identifier: std::option::Option<std::string::String>,
pub(crate) value: std::option::Option<std::string::String>,
pub(crate) critical: std::option::Option<bool>,
}
impl Builder {
/// <p></p>
/// <p>Specifies the object identifier (OID) of the X.509 extension. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
pub fn object_identifier(mut self, input: impl Into<std::string::String>) -> Self {
self.object_identifier = Some(input.into());
self
}
/// <p></p>
/// <p>Specifies the object identifier (OID) of the X.509 extension. For more information, see the <a href="https://oidref.com/2.5.29">Global OID reference database.</a> </p>
pub fn set_object_identifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.object_identifier = input;
self
}
/// <p></p>
/// <p>Specifies the base64-encoded value of the X.509 extension.</p>
pub fn value(mut self, input: impl Into<std::string::String>) -> Self {
self.value = Some(input.into());
self
}
/// <p></p>
/// <p>Specifies the base64-encoded value of the X.509 extension.</p>
pub fn set_value(mut self, input: std::option::Option<std::string::String>) -> Self {
self.value = input;
self
}
/// <p></p>
/// <p>Specifies the critical flag of the X.509 extension.</p>
pub fn critical(mut self, input: bool) -> Self {
self.critical = Some(input);
self
}
/// <p></p>
/// <p>Specifies the critical flag of the X.509 extension.</p>
pub fn set_critical(mut self, input: std::option::Option<bool>) -> Self {
self.critical = input;
self
}
/// Consumes the builder and constructs a [`CustomExtension`](crate::model::CustomExtension).
pub fn build(self) -> crate::model::CustomExtension {
crate::model::CustomExtension {
object_identifier: self.object_identifier,
value: self.value,
critical: self.critical,
}
}
}
}
impl CustomExtension {
/// Creates a new builder-style object to manufacture [`CustomExtension`](crate::model::CustomExtension).
pub fn builder() -> crate::model::custom_extension::Builder {
crate::model::custom_extension::Builder::default()
}
}
/// <p>Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the <code>KeyUsage</code> extension.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct ExtendedKeyUsage {
/// <p>Specifies a standard <code>ExtendedKeyUsage</code> as defined as in <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12">RFC 5280</a>.</p>
#[doc(hidden)]
pub extended_key_usage_type: std::option::Option<crate::model::ExtendedKeyUsageType>,
/// <p>Specifies a custom <code>ExtendedKeyUsage</code> with an object identifier (OID).</p>
#[doc(hidden)]
pub extended_key_usage_object_identifier: std::option::Option<std::string::String>,
}
impl ExtendedKeyUsage {
/// <p>Specifies a standard <code>ExtendedKeyUsage</code> as defined as in <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12">RFC 5280</a>.</p>
pub fn extended_key_usage_type(
&self,
) -> std::option::Option<&crate::model::ExtendedKeyUsageType> {
self.extended_key_usage_type.as_ref()
}
/// <p>Specifies a custom <code>ExtendedKeyUsage</code> with an object identifier (OID).</p>
pub fn extended_key_usage_object_identifier(&self) -> std::option::Option<&str> {
self.extended_key_usage_object_identifier.as_deref()
}
}
/// See [`ExtendedKeyUsage`](crate::model::ExtendedKeyUsage).
pub mod extended_key_usage {
/// A builder for [`ExtendedKeyUsage`](crate::model::ExtendedKeyUsage).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) extended_key_usage_type: std::option::Option<crate::model::ExtendedKeyUsageType>,
pub(crate) extended_key_usage_object_identifier: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Specifies a standard <code>ExtendedKeyUsage</code> as defined as in <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12">RFC 5280</a>.</p>
pub fn extended_key_usage_type(
mut self,
input: crate::model::ExtendedKeyUsageType,
) -> Self {
self.extended_key_usage_type = Some(input);
self
}
/// <p>Specifies a standard <code>ExtendedKeyUsage</code> as defined as in <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12">RFC 5280</a>.</p>
pub fn set_extended_key_usage_type(
mut self,
input: std::option::Option<crate::model::ExtendedKeyUsageType>,
) -> Self {
self.extended_key_usage_type = input;
self
}
/// <p>Specifies a custom <code>ExtendedKeyUsage</code> with an object identifier (OID).</p>
pub fn extended_key_usage_object_identifier(
mut self,
input: impl Into<std::string::String>,
) -> Self {
self.extended_key_usage_object_identifier = Some(input.into());
self
}
/// <p>Specifies a custom <code>ExtendedKeyUsage</code> with an object identifier (OID).</p>
pub fn set_extended_key_usage_object_identifier(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.extended_key_usage_object_identifier = input;
self
}
/// Consumes the builder and constructs a [`ExtendedKeyUsage`](crate::model::ExtendedKeyUsage).
pub fn build(self) -> crate::model::ExtendedKeyUsage {
crate::model::ExtendedKeyUsage {
extended_key_usage_type: self.extended_key_usage_type,
extended_key_usage_object_identifier: self.extended_key_usage_object_identifier,
}
}
}
}
impl ExtendedKeyUsage {
/// Creates a new builder-style object to manufacture [`ExtendedKeyUsage`](crate::model::ExtendedKeyUsage).
pub fn builder() -> crate::model::extended_key_usage::Builder {
crate::model::extended_key_usage::Builder::default()
}
}
/// When writing a match expression against `ExtendedKeyUsageType`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let extendedkeyusagetype = unimplemented!();
/// match extendedkeyusagetype {
/// ExtendedKeyUsageType::CertificateTransparency => { /* ... */ },
/// ExtendedKeyUsageType::ClientAuth => { /* ... */ },
/// ExtendedKeyUsageType::CodeSigning => { /* ... */ },
/// ExtendedKeyUsageType::DocumentSigning => { /* ... */ },
/// ExtendedKeyUsageType::EmailProtection => { /* ... */ },
/// ExtendedKeyUsageType::OcspSigning => { /* ... */ },
/// ExtendedKeyUsageType::ServerAuth => { /* ... */ },
/// ExtendedKeyUsageType::SmartCardLogin => { /* ... */ },
/// ExtendedKeyUsageType::TimeStamping => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `extendedkeyusagetype` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `ExtendedKeyUsageType::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `ExtendedKeyUsageType::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `ExtendedKeyUsageType::NewFeature` is defined.
/// Specifically, when `extendedkeyusagetype` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `ExtendedKeyUsageType::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum ExtendedKeyUsageType {
#[allow(missing_docs)] // documentation missing in model
CertificateTransparency,
#[allow(missing_docs)] // documentation missing in model
ClientAuth,
#[allow(missing_docs)] // documentation missing in model
CodeSigning,
#[allow(missing_docs)] // documentation missing in model
DocumentSigning,
#[allow(missing_docs)] // documentation missing in model
EmailProtection,
#[allow(missing_docs)] // documentation missing in model
OcspSigning,
#[allow(missing_docs)] // documentation missing in model
ServerAuth,
#[allow(missing_docs)] // documentation missing in model
SmartCardLogin,
#[allow(missing_docs)] // documentation missing in model
TimeStamping,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for ExtendedKeyUsageType {
fn from(s: &str) -> Self {
match s {
"CERTIFICATE_TRANSPARENCY" => ExtendedKeyUsageType::CertificateTransparency,
"CLIENT_AUTH" => ExtendedKeyUsageType::ClientAuth,
"CODE_SIGNING" => ExtendedKeyUsageType::CodeSigning,
"DOCUMENT_SIGNING" => ExtendedKeyUsageType::DocumentSigning,
"EMAIL_PROTECTION" => ExtendedKeyUsageType::EmailProtection,
"OCSP_SIGNING" => ExtendedKeyUsageType::OcspSigning,
"SERVER_AUTH" => ExtendedKeyUsageType::ServerAuth,
"SMART_CARD_LOGIN" => ExtendedKeyUsageType::SmartCardLogin,
"TIME_STAMPING" => ExtendedKeyUsageType::TimeStamping,
other => {
ExtendedKeyUsageType::Unknown(crate::types::UnknownVariantValue(other.to_owned()))
}
}
}
}
impl std::str::FromStr for ExtendedKeyUsageType {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(ExtendedKeyUsageType::from(s))
}
}
impl ExtendedKeyUsageType {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
ExtendedKeyUsageType::CertificateTransparency => "CERTIFICATE_TRANSPARENCY",
ExtendedKeyUsageType::ClientAuth => "CLIENT_AUTH",
ExtendedKeyUsageType::CodeSigning => "CODE_SIGNING",
ExtendedKeyUsageType::DocumentSigning => "DOCUMENT_SIGNING",
ExtendedKeyUsageType::EmailProtection => "EMAIL_PROTECTION",
ExtendedKeyUsageType::OcspSigning => "OCSP_SIGNING",
ExtendedKeyUsageType::ServerAuth => "SERVER_AUTH",
ExtendedKeyUsageType::SmartCardLogin => "SMART_CARD_LOGIN",
ExtendedKeyUsageType::TimeStamping => "TIME_STAMPING",
ExtendedKeyUsageType::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&[
"CERTIFICATE_TRANSPARENCY",
"CLIENT_AUTH",
"CODE_SIGNING",
"DOCUMENT_SIGNING",
"EMAIL_PROTECTION",
"OCSP_SIGNING",
"SERVER_AUTH",
"SMART_CARD_LOGIN",
"TIME_STAMPING",
]
}
}
impl AsRef<str> for ExtendedKeyUsageType {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// <p>Defines the X.509 <code>CertificatePolicies</code> extension.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct PolicyInformation {
/// <p>Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
#[doc(hidden)]
pub cert_policy_id: std::option::Option<std::string::String>,
/// <p>Modifies the given <code>CertPolicyId</code> with a qualifier. Amazon Web Services Private CA supports the certification practice statement (CPS) qualifier.</p>
#[doc(hidden)]
pub policy_qualifiers: std::option::Option<std::vec::Vec<crate::model::PolicyQualifierInfo>>,
}
impl PolicyInformation {
/// <p>Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
pub fn cert_policy_id(&self) -> std::option::Option<&str> {
self.cert_policy_id.as_deref()
}
/// <p>Modifies the given <code>CertPolicyId</code> with a qualifier. Amazon Web Services Private CA supports the certification practice statement (CPS) qualifier.</p>
pub fn policy_qualifiers(&self) -> std::option::Option<&[crate::model::PolicyQualifierInfo]> {
self.policy_qualifiers.as_deref()
}
}
/// See [`PolicyInformation`](crate::model::PolicyInformation).
pub mod policy_information {
/// A builder for [`PolicyInformation`](crate::model::PolicyInformation).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) cert_policy_id: std::option::Option<std::string::String>,
pub(crate) policy_qualifiers:
std::option::Option<std::vec::Vec<crate::model::PolicyQualifierInfo>>,
}
impl Builder {
/// <p>Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
pub fn cert_policy_id(mut self, input: impl Into<std::string::String>) -> Self {
self.cert_policy_id = Some(input.into());
self
}
/// <p>Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier (OID)</a>.</p>
pub fn set_cert_policy_id(
mut self,
input: std::option::Option<std::string::String>,
) -> Self {
self.cert_policy_id = input;
self
}
/// Appends an item to `policy_qualifiers`.
///
/// To override the contents of this collection use [`set_policy_qualifiers`](Self::set_policy_qualifiers).
///
/// <p>Modifies the given <code>CertPolicyId</code> with a qualifier. Amazon Web Services Private CA supports the certification practice statement (CPS) qualifier.</p>
pub fn policy_qualifiers(mut self, input: crate::model::PolicyQualifierInfo) -> Self {
let mut v = self.policy_qualifiers.unwrap_or_default();
v.push(input);
self.policy_qualifiers = Some(v);
self
}
/// <p>Modifies the given <code>CertPolicyId</code> with a qualifier. Amazon Web Services Private CA supports the certification practice statement (CPS) qualifier.</p>
pub fn set_policy_qualifiers(
mut self,
input: std::option::Option<std::vec::Vec<crate::model::PolicyQualifierInfo>>,
) -> Self {
self.policy_qualifiers = input;
self
}
/// Consumes the builder and constructs a [`PolicyInformation`](crate::model::PolicyInformation).
pub fn build(self) -> crate::model::PolicyInformation {
crate::model::PolicyInformation {
cert_policy_id: self.cert_policy_id,
policy_qualifiers: self.policy_qualifiers,
}
}
}
}
impl PolicyInformation {
/// Creates a new builder-style object to manufacture [`PolicyInformation`](crate::model::PolicyInformation).
pub fn builder() -> crate::model::policy_information::Builder {
crate::model::policy_information::Builder::default()
}
}
/// <p>Modifies the <code>CertPolicyId</code> of a <code>PolicyInformation</code> object with a qualifier. Amazon Web Services Private CA supports the certification practice statement (CPS) qualifier.</p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct PolicyQualifierInfo {
/// <p>Identifies the qualifier modifying a <code>CertPolicyId</code>.</p>
#[doc(hidden)]
pub policy_qualifier_id: std::option::Option<crate::model::PolicyQualifierId>,
/// <p>Defines the qualifier type. Amazon Web Services Private CA supports the use of a URI for a CPS qualifier in this field.</p>
#[doc(hidden)]
pub qualifier: std::option::Option<crate::model::Qualifier>,
}
impl PolicyQualifierInfo {
/// <p>Identifies the qualifier modifying a <code>CertPolicyId</code>.</p>
pub fn policy_qualifier_id(&self) -> std::option::Option<&crate::model::PolicyQualifierId> {
self.policy_qualifier_id.as_ref()
}
/// <p>Defines the qualifier type. Amazon Web Services Private CA supports the use of a URI for a CPS qualifier in this field.</p>
pub fn qualifier(&self) -> std::option::Option<&crate::model::Qualifier> {
self.qualifier.as_ref()
}
}
/// See [`PolicyQualifierInfo`](crate::model::PolicyQualifierInfo).
pub mod policy_qualifier_info {
/// A builder for [`PolicyQualifierInfo`](crate::model::PolicyQualifierInfo).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) policy_qualifier_id: std::option::Option<crate::model::PolicyQualifierId>,
pub(crate) qualifier: std::option::Option<crate::model::Qualifier>,
}
impl Builder {
/// <p>Identifies the qualifier modifying a <code>CertPolicyId</code>.</p>
pub fn policy_qualifier_id(mut self, input: crate::model::PolicyQualifierId) -> Self {
self.policy_qualifier_id = Some(input);
self
}
/// <p>Identifies the qualifier modifying a <code>CertPolicyId</code>.</p>
pub fn set_policy_qualifier_id(
mut self,
input: std::option::Option<crate::model::PolicyQualifierId>,
) -> Self {
self.policy_qualifier_id = input;
self
}
/// <p>Defines the qualifier type. Amazon Web Services Private CA supports the use of a URI for a CPS qualifier in this field.</p>
pub fn qualifier(mut self, input: crate::model::Qualifier) -> Self {
self.qualifier = Some(input);
self
}
/// <p>Defines the qualifier type. Amazon Web Services Private CA supports the use of a URI for a CPS qualifier in this field.</p>
pub fn set_qualifier(
mut self,
input: std::option::Option<crate::model::Qualifier>,
) -> Self {
self.qualifier = input;
self
}
/// Consumes the builder and constructs a [`PolicyQualifierInfo`](crate::model::PolicyQualifierInfo).
pub fn build(self) -> crate::model::PolicyQualifierInfo {
crate::model::PolicyQualifierInfo {
policy_qualifier_id: self.policy_qualifier_id,
qualifier: self.qualifier,
}
}
}
}
impl PolicyQualifierInfo {
/// Creates a new builder-style object to manufacture [`PolicyQualifierInfo`](crate::model::PolicyQualifierInfo).
pub fn builder() -> crate::model::policy_qualifier_info::Builder {
crate::model::policy_qualifier_info::Builder::default()
}
}
/// <p>Defines a <code>PolicyInformation</code> qualifier. Amazon Web Services Private CA supports the <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4">certification practice statement (CPS) qualifier</a> defined in RFC 5280. </p>
#[non_exhaustive]
#[derive(std::clone::Clone, std::cmp::PartialEq, std::fmt::Debug)]
pub struct Qualifier {
/// <p>Contains a pointer to a certification practice statement (CPS) published by the CA.</p>
#[doc(hidden)]
pub cps_uri: std::option::Option<std::string::String>,
}
impl Qualifier {
/// <p>Contains a pointer to a certification practice statement (CPS) published by the CA.</p>
pub fn cps_uri(&self) -> std::option::Option<&str> {
self.cps_uri.as_deref()
}
}
/// See [`Qualifier`](crate::model::Qualifier).
pub mod qualifier {
/// A builder for [`Qualifier`](crate::model::Qualifier).
#[derive(std::clone::Clone, std::cmp::PartialEq, std::default::Default, std::fmt::Debug)]
pub struct Builder {
pub(crate) cps_uri: std::option::Option<std::string::String>,
}
impl Builder {
/// <p>Contains a pointer to a certification practice statement (CPS) published by the CA.</p>
pub fn cps_uri(mut self, input: impl Into<std::string::String>) -> Self {
self.cps_uri = Some(input.into());
self
}
/// <p>Contains a pointer to a certification practice statement (CPS) published by the CA.</p>
pub fn set_cps_uri(mut self, input: std::option::Option<std::string::String>) -> Self {
self.cps_uri = input;
self
}
/// Consumes the builder and constructs a [`Qualifier`](crate::model::Qualifier).
pub fn build(self) -> crate::model::Qualifier {
crate::model::Qualifier {
cps_uri: self.cps_uri,
}
}
}
}
impl Qualifier {
/// Creates a new builder-style object to manufacture [`Qualifier`](crate::model::Qualifier).
pub fn builder() -> crate::model::qualifier::Builder {
crate::model::qualifier::Builder::default()
}
}
/// When writing a match expression against `PolicyQualifierId`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let policyqualifierid = unimplemented!();
/// match policyqualifierid {
/// PolicyQualifierId::Cps => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `policyqualifierid` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `PolicyQualifierId::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `PolicyQualifierId::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `PolicyQualifierId::NewFeature` is defined.
/// Specifically, when `policyqualifierid` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `PolicyQualifierId::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum PolicyQualifierId {
#[allow(missing_docs)] // documentation missing in model
Cps,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for PolicyQualifierId {
fn from(s: &str) -> Self {
match s {
"CPS" => PolicyQualifierId::Cps,
other => {
PolicyQualifierId::Unknown(crate::types::UnknownVariantValue(other.to_owned()))
}
}
}
}
impl std::str::FromStr for PolicyQualifierId {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(PolicyQualifierId::from(s))
}
}
impl PolicyQualifierId {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
PolicyQualifierId::Cps => "CPS",
PolicyQualifierId::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["CPS"]
}
}
impl AsRef<str> for PolicyQualifierId {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `AuditReportStatus`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let auditreportstatus = unimplemented!();
/// match auditreportstatus {
/// AuditReportStatus::Creating => { /* ... */ },
/// AuditReportStatus::Failed => { /* ... */ },
/// AuditReportStatus::Success => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `auditreportstatus` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `AuditReportStatus::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `AuditReportStatus::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `AuditReportStatus::NewFeature` is defined.
/// Specifically, when `auditreportstatus` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `AuditReportStatus::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum AuditReportStatus {
#[allow(missing_docs)] // documentation missing in model
Creating,
#[allow(missing_docs)] // documentation missing in model
Failed,
#[allow(missing_docs)] // documentation missing in model
Success,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for AuditReportStatus {
fn from(s: &str) -> Self {
match s {
"CREATING" => AuditReportStatus::Creating,
"FAILED" => AuditReportStatus::Failed,
"SUCCESS" => AuditReportStatus::Success,
other => {
AuditReportStatus::Unknown(crate::types::UnknownVariantValue(other.to_owned()))
}
}
}
}
impl std::str::FromStr for AuditReportStatus {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(AuditReportStatus::from(s))
}
}
impl AuditReportStatus {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
AuditReportStatus::Creating => "CREATING",
AuditReportStatus::Failed => "FAILED",
AuditReportStatus::Success => "SUCCESS",
AuditReportStatus::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["CREATING", "FAILED", "SUCCESS"]
}
}
impl AsRef<str> for AuditReportStatus {
fn as_ref(&self) -> &str {
self.as_str()
}
}
/// When writing a match expression against `AuditReportResponseFormat`, it is important to ensure
/// your code is forward-compatible. That is, if a match arm handles a case for a
/// feature that is supported by the service but has not been represented as an enum
/// variant in a current version of SDK, your code should continue to work when you
/// upgrade SDK to a future version in which the enum does include a variant for that
/// feature.
///
/// Here is an example of how you can make a match expression forward-compatible:
///
/// ```text
/// # let auditreportresponseformat = unimplemented!();
/// match auditreportresponseformat {
/// AuditReportResponseFormat::Csv => { /* ... */ },
/// AuditReportResponseFormat::Json => { /* ... */ },
/// other @ _ if other.as_str() == "NewFeature" => { /* handles a case for `NewFeature` */ },
/// _ => { /* ... */ },
/// }
/// ```
/// The above code demonstrates that when `auditreportresponseformat` represents
/// `NewFeature`, the execution path will lead to the second last match arm,
/// even though the enum does not contain a variant `AuditReportResponseFormat::NewFeature`
/// in the current version of SDK. The reason is that the variable `other`,
/// created by the `@` operator, is bound to
/// `AuditReportResponseFormat::Unknown(UnknownVariantValue("NewFeature".to_owned()))`
/// and calling `as_str` on it yields `"NewFeature"`.
/// This match expression is forward-compatible when executed with a newer
/// version of SDK where the variant `AuditReportResponseFormat::NewFeature` is defined.
/// Specifically, when `auditreportresponseformat` represents `NewFeature`,
/// the execution path will hit the second last match arm as before by virtue of
/// calling `as_str` on `AuditReportResponseFormat::NewFeature` also yielding `"NewFeature"`.
///
/// Explicitly matching on the `Unknown` variant should
/// be avoided for two reasons:
/// - The inner data `UnknownVariantValue` is opaque, and no further information can be extracted.
/// - It might inadvertently shadow other intended match arms.
#[allow(missing_docs)] // documentation missing in model
#[non_exhaustive]
#[derive(
std::clone::Clone,
std::cmp::Eq,
std::cmp::Ord,
std::cmp::PartialEq,
std::cmp::PartialOrd,
std::fmt::Debug,
std::hash::Hash,
)]
pub enum AuditReportResponseFormat {
#[allow(missing_docs)] // documentation missing in model
Csv,
#[allow(missing_docs)] // documentation missing in model
Json,
/// `Unknown` contains new variants that have been added since this code was generated.
Unknown(crate::types::UnknownVariantValue),
}
impl std::convert::From<&str> for AuditReportResponseFormat {
fn from(s: &str) -> Self {
match s {
"CSV" => AuditReportResponseFormat::Csv,
"JSON" => AuditReportResponseFormat::Json,
other => AuditReportResponseFormat::Unknown(crate::types::UnknownVariantValue(
other.to_owned(),
)),
}
}
}
impl std::str::FromStr for AuditReportResponseFormat {
type Err = std::convert::Infallible;
fn from_str(s: &str) -> std::result::Result<Self, Self::Err> {
Ok(AuditReportResponseFormat::from(s))
}
}
impl AuditReportResponseFormat {
/// Returns the `&str` value of the enum member.
pub fn as_str(&self) -> &str {
match self {
AuditReportResponseFormat::Csv => "CSV",
AuditReportResponseFormat::Json => "JSON",
AuditReportResponseFormat::Unknown(value) => value.as_str(),
}
}
/// Returns all the `&str` values of the enum members.
pub const fn values() -> &'static [&'static str] {
&["CSV", "JSON"]
}
}
impl AsRef<str> for AuditReportResponseFormat {
fn as_ref(&self) -> &str {
self.as_str()
}
}