Crate rusoto_acm_pca
This is the ACM Private CA API Reference. It provides descriptions, syntax, and usage examples for each of the actions and data types involved in creating and managing private certificate authorities (CA) for your organization.
The documentation for each action shows the Query API request parameters and the XML response. Alternatively, you can use one of the AWS SDKs to access an API that's tailored to the programming language or platform that you're using. For more information, see AWS SDKs.
Each ACM Private CA API action has a throttling limit which determines the number of times the action can be called per second. For more information, see API Rate Limits in ACM Private CA in the ACM Private CA user guide.
If you're using the service, you're probably looking for AcmPcaClient and AcmPca.
Structs
ASN1Subject | Contains information about the certificate subject. The certificate can be one issued by your private certificate authority (CA) or it can be your private CA certificate. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. The DN must be unique for each entity, but your private CA can issue more than one certificate with the same DN to the same entity. |
AcmPcaClient | A client for the ACM-PCA API. |
CertificateAuthority | Contains information about your private certificate authority (CA). Your private CA can issue and revoke X.509 digital certificates. Digital certificates verify that the entity named in the certificate Subject field owns or controls the public key contained in the Subject Public Key Info field. Call the CreateCertificateAuthority action to create your private CA. You must then call the GetCertificateAuthorityCertificate action to retrieve a private CA certificate signing request (CSR). Sign the CSR with your ACM Private CA-hosted or on-premises root or subordinate CA certificate. Call the ImportCertificateAuthorityCertificate action to import the signed certificate into AWS Certificate Manager (ACM). |
CertificateAuthorityConfiguration | Contains configuration information for your private certificate authority (CA). This includes information about the class of public key algorithm and the key pair that your private CA creates when it issues a certificate. It also includes the signature algorithm that it uses when issuing certificates, and its X.500 distinguished name. You must specify this information when you call the CreateCertificateAuthority action. |
CreateCertificateAuthorityAuditReportRequest | |
CreateCertificateAuthorityAuditReportResponse | |
CreateCertificateAuthorityRequest | |
CreateCertificateAuthorityResponse | |
CreatePermissionRequest | |
CrlConfiguration | Contains configuration information for a certificate revocation list (CRL). Your private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You can enable CRLs for your new or an existing private CA by setting the Enabled parameter to Your private CA uses the value in the ExpirationInDays parameter to calculate the nextUpdate field in the CRL. The CRL is refreshed at 1/2 the age of next update or when a certificate is revoked. When a certificate is revoked, it is recorded in the next CRL that is generated and in the next audit report. Only time-valid certificates are listed in the CRL. Expired certificates are not included. CRLs contain the following fields:
Certificate revocation lists created by ACM Private CA are DER-encoded. You can use the following OpenSSL command to list a CRL. |
DeleteCertificateAuthorityRequest | |
DeletePermissionRequest | |
DescribeCertificateAuthorityAuditReportRequest | |
DescribeCertificateAuthorityAuditReportResponse | |
DescribeCertificateAuthorityRequest | |
DescribeCertificateAuthorityResponse | |
GetCertificateAuthorityCertificateRequest | |
GetCertificateAuthorityCertificateResponse | |
GetCertificateAuthorityCsrRequest | |
GetCertificateAuthorityCsrResponse | |
GetCertificateRequest | |
GetCertificateResponse | |
ImportCertificateAuthorityCertificateRequest | |
IssueCertificateRequest | |
IssueCertificateResponse | |
ListCertificateAuthoritiesRequest | |
ListCertificateAuthoritiesResponse | |
ListPermissionsRequest | |
ListPermissionsResponse | |
ListTagsRequest | |
ListTagsResponse | |
Permission | Permissions designate which private CA actions can be performed by an AWS service or entity. In order for ACM to automatically renew private certificates, you must give the ACM service principal all available permissions ( |
RestoreCertificateAuthorityRequest | |
RevocationConfiguration | Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. Your private certificate authority (CA) can create and maintain a certificate revocation list (CRL). A CRL contains information about certificates revoked by your CA. For more information, see RevokeCertificate. |
RevokeCertificateRequest | |
Tag | Tags are labels that you can use to identify and organize your private CAs. Each tag consists of a key and an optional value. You can associate up to 50 tags with a private CA. To add one or more tags to a private CA, call the TagCertificateAuthority action. To remove a tag, call the UntagCertificateAuthority action. |
TagCertificateAuthorityRequest | |
UntagCertificateAuthorityRequest | |
UpdateCertificateAuthorityRequest | |
Validity | Length of time for which the certificate issued by your private certificate authority (CA), or by the private CA itself, is valid in days, months, or years. You can issue a certificate by calling the IssueCertificate action. |
Enums
CreateCertificateAuthorityAuditReportError | Errors returned by CreateCertificateAuthorityAuditReport |
CreateCertificateAuthorityError | Errors returned by CreateCertificateAuthority |
CreatePermissionError | Errors returned by CreatePermission |
DeleteCertificateAuthorityError | Errors returned by DeleteCertificateAuthority |
DeletePermissionError | Errors returned by DeletePermission |
DescribeCertificateAuthorityAuditReportError | Errors returned by DescribeCertificateAuthorityAuditReport |
DescribeCertificateAuthorityError | Errors returned by DescribeCertificateAuthority |
GetCertificateAuthorityCertificateError | Errors returned by GetCertificateAuthorityCertificate |
GetCertificateAuthorityCsrError | Errors returned by GetCertificateAuthorityCsr |
GetCertificateError | Errors returned by GetCertificate |
ImportCertificateAuthorityCertificateError | Errors returned by ImportCertificateAuthorityCertificate |
IssueCertificateError | Errors returned by IssueCertificate |
ListCertificateAuthoritiesError | Errors returned by ListCertificateAuthorities |
ListPermissionsError | Errors returned by ListPermissions |
ListTagsError | Errors returned by ListTags |
RestoreCertificateAuthorityError | Errors returned by RestoreCertificateAuthority |
RevokeCertificateError | Errors returned by RevokeCertificate |
TagCertificateAuthorityError | Errors returned by TagCertificateAuthority |
UntagCertificateAuthorityError | Errors returned by UntagCertificateAuthority |
UpdateCertificateAuthorityError | Errors returned by UpdateCertificateAuthority |
Traits
AcmPca | Trait representing the capabilities of the ACM-PCA API. ACM-PCA clients implement this trait. |