amazonka-certificatemanager-pca-1.6.0: Amazon Certificate Manager Private Certificate Authority SDK.

Copyright(c) 2013-2018 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone
LanguageHaskell2010

Network.AWS.CertificateManagerPCA.CreateCertificateAuthority

Contents

Description

Creates a private subordinate certificate authority (CA). You must specify the CA configuration, the revocation configuration, the CA type, and an optional idempotency token. The CA configuration specifies the name of the algorithm and key size to be used to create the CA private key, the type of signing algorithm that the CA uses to sign, and X.500 subject information. The CRL (certificate revocation list) configuration specifies the CRL expiration period in days (the validity period of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3 bucket that is included in certificates issued by the CA. If successful, this function returns the Amazon Resource Name (ARN) of the CA.

Synopsis

Creating a Request

createCertificateAuthority Source #

Creates a value of CreateCertificateAuthority with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

  • ccaIdempotencyToken - Alphanumeric string that can be used to distinguish between calls to CreateCertificateAuthority . Idempotency tokens time out after five minutes. Therefore, if you call CreateCertificateAuthority multiple times with the same idempotency token within a five minute period, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, however, ACM PCA recognizes that you are requesting multiple certificates.
  • ccaRevocationConfiguration - Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM PCA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate. For more information, see the CrlConfiguration structure.
  • ccaCertificateAuthorityConfiguration - Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.
  • ccaCertificateAuthorityType - The type of the certificate authority. Currently, this must be SUBORDINATE .

data CreateCertificateAuthority Source #

See: createCertificateAuthority smart constructor.

Instances

Eq CreateCertificateAuthority Source # 
Data CreateCertificateAuthority Source # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> CreateCertificateAuthority -> c CreateCertificateAuthority #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c CreateCertificateAuthority #

toConstr :: CreateCertificateAuthority -> Constr #

dataTypeOf :: CreateCertificateAuthority -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c CreateCertificateAuthority) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c CreateCertificateAuthority) #

gmapT :: (forall b. Data b => b -> b) -> CreateCertificateAuthority -> CreateCertificateAuthority #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> CreateCertificateAuthority -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> CreateCertificateAuthority -> r #

gmapQ :: (forall d. Data d => d -> u) -> CreateCertificateAuthority -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> CreateCertificateAuthority -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> CreateCertificateAuthority -> m CreateCertificateAuthority #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> CreateCertificateAuthority -> m CreateCertificateAuthority #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> CreateCertificateAuthority -> m CreateCertificateAuthority #

Read CreateCertificateAuthority Source # 
Show CreateCertificateAuthority Source # 
Generic CreateCertificateAuthority Source # 
Hashable CreateCertificateAuthority Source # 
ToJSON CreateCertificateAuthority Source # 
NFData CreateCertificateAuthority Source # 
AWSRequest CreateCertificateAuthority Source # 
ToHeaders CreateCertificateAuthority Source # 
ToPath CreateCertificateAuthority Source # 
ToQuery CreateCertificateAuthority Source # 
type Rep CreateCertificateAuthority Source # 
type Rep CreateCertificateAuthority = D1 * (MetaData "CreateCertificateAuthority" "Network.AWS.CertificateManagerPCA.CreateCertificateAuthority" "amazonka-certificatemanager-pca-1.6.0-745TdprsK5d4KxFM63j3hX" False) (C1 * (MetaCons "CreateCertificateAuthority'" PrefixI True) ((:*:) * ((:*:) * (S1 * (MetaSel (Just Symbol "_ccaIdempotencyToken") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe Text))) (S1 * (MetaSel (Just Symbol "_ccaRevocationConfiguration") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe RevocationConfiguration)))) ((:*:) * (S1 * (MetaSel (Just Symbol "_ccaCertificateAuthorityConfiguration") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * CertificateAuthorityConfiguration)) (S1 * (MetaSel (Just Symbol "_ccaCertificateAuthorityType") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * CertificateAuthorityType)))))
type Rs CreateCertificateAuthority Source # 

Request Lenses

ccaIdempotencyToken :: Lens' CreateCertificateAuthority (Maybe Text) Source #

Alphanumeric string that can be used to distinguish between calls to CreateCertificateAuthority . Idempotency tokens time out after five minutes. Therefore, if you call CreateCertificateAuthority multiple times with the same idempotency token within a five minute period, ACM PCA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, however, ACM PCA recognizes that you are requesting multiple certificates.

ccaRevocationConfiguration :: Lens' CreateCertificateAuthority (Maybe RevocationConfiguration) Source #

Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM PCA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate. For more information, see the CrlConfiguration structure.

ccaCertificateAuthorityConfiguration :: Lens' CreateCertificateAuthority CertificateAuthorityConfiguration Source #

Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.

ccaCertificateAuthorityType :: Lens' CreateCertificateAuthority CertificateAuthorityType Source #

The type of the certificate authority. Currently, this must be SUBORDINATE .

Destructuring the Response

createCertificateAuthorityResponse Source #

Creates a value of CreateCertificateAuthorityResponse with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

  • ccarsCertificateAuthorityARN - If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form: arn:aws:acm:region :account :certificate-authority/12345678-1234-1234-1234-123456789012 .
  • ccarsResponseStatus - -- | The response status code.

data CreateCertificateAuthorityResponse Source #

See: createCertificateAuthorityResponse smart constructor.

Instances

Eq CreateCertificateAuthorityResponse Source # 
Data CreateCertificateAuthorityResponse Source # 

Methods

gfoldl :: (forall d b. Data d => c (d -> b) -> d -> c b) -> (forall g. g -> c g) -> CreateCertificateAuthorityResponse -> c CreateCertificateAuthorityResponse #

gunfold :: (forall b r. Data b => c (b -> r) -> c r) -> (forall r. r -> c r) -> Constr -> c CreateCertificateAuthorityResponse #

toConstr :: CreateCertificateAuthorityResponse -> Constr #

dataTypeOf :: CreateCertificateAuthorityResponse -> DataType #

dataCast1 :: Typeable (* -> *) t => (forall d. Data d => c (t d)) -> Maybe (c CreateCertificateAuthorityResponse) #

dataCast2 :: Typeable (* -> * -> *) t => (forall d e. (Data d, Data e) => c (t d e)) -> Maybe (c CreateCertificateAuthorityResponse) #

gmapT :: (forall b. Data b => b -> b) -> CreateCertificateAuthorityResponse -> CreateCertificateAuthorityResponse #

gmapQl :: (r -> r' -> r) -> r -> (forall d. Data d => d -> r') -> CreateCertificateAuthorityResponse -> r #

gmapQr :: (r' -> r -> r) -> r -> (forall d. Data d => d -> r') -> CreateCertificateAuthorityResponse -> r #

gmapQ :: (forall d. Data d => d -> u) -> CreateCertificateAuthorityResponse -> [u] #

gmapQi :: Int -> (forall d. Data d => d -> u) -> CreateCertificateAuthorityResponse -> u #

gmapM :: Monad m => (forall d. Data d => d -> m d) -> CreateCertificateAuthorityResponse -> m CreateCertificateAuthorityResponse #

gmapMp :: MonadPlus m => (forall d. Data d => d -> m d) -> CreateCertificateAuthorityResponse -> m CreateCertificateAuthorityResponse #

gmapMo :: MonadPlus m => (forall d. Data d => d -> m d) -> CreateCertificateAuthorityResponse -> m CreateCertificateAuthorityResponse #

Read CreateCertificateAuthorityResponse Source # 
Show CreateCertificateAuthorityResponse Source # 
Generic CreateCertificateAuthorityResponse Source # 
NFData CreateCertificateAuthorityResponse Source # 
type Rep CreateCertificateAuthorityResponse Source # 
type Rep CreateCertificateAuthorityResponse = D1 * (MetaData "CreateCertificateAuthorityResponse" "Network.AWS.CertificateManagerPCA.CreateCertificateAuthority" "amazonka-certificatemanager-pca-1.6.0-745TdprsK5d4KxFM63j3hX" False) (C1 * (MetaCons "CreateCertificateAuthorityResponse'" PrefixI True) ((:*:) * (S1 * (MetaSel (Just Symbol "_ccarsCertificateAuthorityARN") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * (Maybe Text))) (S1 * (MetaSel (Just Symbol "_ccarsResponseStatus") NoSourceUnpackedness SourceStrict DecidedStrict) (Rec0 * Int))))

Response Lenses

ccarsCertificateAuthorityARN :: Lens' CreateCertificateAuthorityResponse (Maybe Text) Source #

If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form: arn:aws:acm:region :account :certificate-authority/12345678-1234-1234-1234-123456789012 .