Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Synopsis
- data CertificateAuthority = CertificateAuthority' {
- arn :: Maybe Text
- certificateAuthorityConfiguration :: Maybe CertificateAuthorityConfiguration
- createdAt :: Maybe POSIX
- failureReason :: Maybe FailureReason
- keyStorageSecurityStandard :: Maybe KeyStorageSecurityStandard
- lastStateChangeAt :: Maybe POSIX
- notAfter :: Maybe POSIX
- notBefore :: Maybe POSIX
- ownerAccount :: Maybe Text
- restorableUntil :: Maybe POSIX
- revocationConfiguration :: Maybe RevocationConfiguration
- serial :: Maybe Text
- status :: Maybe CertificateAuthorityStatus
- type' :: Maybe CertificateAuthorityType
- usageMode :: Maybe CertificateAuthorityUsageMode
- newCertificateAuthority :: CertificateAuthority
- certificateAuthority_arn :: Lens' CertificateAuthority (Maybe Text)
- certificateAuthority_certificateAuthorityConfiguration :: Lens' CertificateAuthority (Maybe CertificateAuthorityConfiguration)
- certificateAuthority_createdAt :: Lens' CertificateAuthority (Maybe UTCTime)
- certificateAuthority_failureReason :: Lens' CertificateAuthority (Maybe FailureReason)
- certificateAuthority_keyStorageSecurityStandard :: Lens' CertificateAuthority (Maybe KeyStorageSecurityStandard)
- certificateAuthority_lastStateChangeAt :: Lens' CertificateAuthority (Maybe UTCTime)
- certificateAuthority_notAfter :: Lens' CertificateAuthority (Maybe UTCTime)
- certificateAuthority_notBefore :: Lens' CertificateAuthority (Maybe UTCTime)
- certificateAuthority_ownerAccount :: Lens' CertificateAuthority (Maybe Text)
- certificateAuthority_restorableUntil :: Lens' CertificateAuthority (Maybe UTCTime)
- certificateAuthority_revocationConfiguration :: Lens' CertificateAuthority (Maybe RevocationConfiguration)
- certificateAuthority_serial :: Lens' CertificateAuthority (Maybe Text)
- certificateAuthority_status :: Lens' CertificateAuthority (Maybe CertificateAuthorityStatus)
- certificateAuthority_type :: Lens' CertificateAuthority (Maybe CertificateAuthorityType)
- certificateAuthority_usageMode :: Lens' CertificateAuthority (Maybe CertificateAuthorityUsageMode)
Documentation
data CertificateAuthority Source #
Contains information about your private certificate authority (CA). Your private CA can issue and revoke X.509 digital certificates. Digital certificates verify that the entity named in the certificate Subject field owns or controls the public key contained in the __Subject Public Key Info__ field. Call the CreateCertificateAuthority action to create your private CA. You must then call the GetCertificateAuthorityCertificate action to retrieve a private CA certificate signing request (CSR). Sign the CSR with your Amazon Web Services Private CA-hosted or on-premises root or subordinate CA certificate. Call the ImportCertificateAuthorityCertificate action to import the signed certificate into Certificate Manager (ACM).
See: newCertificateAuthority
smart constructor.
CertificateAuthority' | |
|
Instances
newCertificateAuthority :: CertificateAuthority Source #
Create a value of CertificateAuthority
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:arn:CertificateAuthority'
, certificateAuthority_arn
- Amazon Resource Name (ARN) for your private certificate authority (CA).
The format is
12345678-1234-1234-1234-123456789012
.
$sel:certificateAuthorityConfiguration:CertificateAuthority'
, certificateAuthority_certificateAuthorityConfiguration
- Your private CA configuration.
$sel:createdAt:CertificateAuthority'
, certificateAuthority_createdAt
- Date and time at which your private CA was created.
$sel:failureReason:CertificateAuthority'
, certificateAuthority_failureReason
- Reason the request to create your private CA failed.
$sel:keyStorageSecurityStandard:CertificateAuthority'
, certificateAuthority_keyStorageSecurityStandard
- Defines a cryptographic key management compliance standard used for
handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: Amazon Web Services Region ap-northeast-3 supports only
FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter
and value when creating a CA in that Region. Specifying a different
value (or no value) results in an InvalidArgsException
with the
message "A certificate authority cannot be created in this region with
the specified security standard."
$sel:lastStateChangeAt:CertificateAuthority'
, certificateAuthority_lastStateChangeAt
- Date and time at which your private CA was last updated.
$sel:notAfter:CertificateAuthority'
, certificateAuthority_notAfter
- Date and time after which your private CA certificate is not valid.
$sel:notBefore:CertificateAuthority'
, certificateAuthority_notBefore
- Date and time before which your private CA certificate is not valid.
$sel:ownerAccount:CertificateAuthority'
, certificateAuthority_ownerAccount
- The Amazon Web Services account ID that owns the certificate authority.
$sel:restorableUntil:CertificateAuthority'
, certificateAuthority_restorableUntil
- The period during which a deleted CA can be restored. For more
information, see the PermanentDeletionTimeInDays
parameter of the
DeleteCertificateAuthorityRequest
action.
$sel:revocationConfiguration:CertificateAuthority'
, certificateAuthority_revocationConfiguration
- Information about the Online Certificate Status Protocol (OCSP)
configuration or certificate revocation list (CRL) created and
maintained by your private CA.
$sel:serial:CertificateAuthority'
, certificateAuthority_serial
- Serial number of your private CA.
$sel:status:CertificateAuthority'
, certificateAuthority_status
- Status of your private CA.
$sel:type':CertificateAuthority'
, certificateAuthority_type
- Type of your private CA.
$sel:usageMode:CertificateAuthority'
, certificateAuthority_usageMode
- Specifies whether the CA issues general-purpose certificates that
typically require a revocation mechanism, or short-lived certificates
that may optionally omit revocation because they expire quickly.
Short-lived certificate validity is limited to seven days.
The default value is GENERAL_PURPOSE.
certificateAuthority_arn :: Lens' CertificateAuthority (Maybe Text) Source #
Amazon Resource Name (ARN) for your private certificate authority (CA).
The format is
12345678-1234-1234-1234-123456789012
.
certificateAuthority_certificateAuthorityConfiguration :: Lens' CertificateAuthority (Maybe CertificateAuthorityConfiguration) Source #
Your private CA configuration.
certificateAuthority_createdAt :: Lens' CertificateAuthority (Maybe UTCTime) Source #
Date and time at which your private CA was created.
certificateAuthority_failureReason :: Lens' CertificateAuthority (Maybe FailureReason) Source #
Reason the request to create your private CA failed.
certificateAuthority_keyStorageSecurityStandard :: Lens' CertificateAuthority (Maybe KeyStorageSecurityStandard) Source #
Defines a cryptographic key management compliance standard used for handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: Amazon Web Services Region ap-northeast-3 supports only
FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter
and value when creating a CA in that Region. Specifying a different
value (or no value) results in an InvalidArgsException
with the
message "A certificate authority cannot be created in this region with
the specified security standard."
certificateAuthority_lastStateChangeAt :: Lens' CertificateAuthority (Maybe UTCTime) Source #
Date and time at which your private CA was last updated.
certificateAuthority_notAfter :: Lens' CertificateAuthority (Maybe UTCTime) Source #
Date and time after which your private CA certificate is not valid.
certificateAuthority_notBefore :: Lens' CertificateAuthority (Maybe UTCTime) Source #
Date and time before which your private CA certificate is not valid.
certificateAuthority_ownerAccount :: Lens' CertificateAuthority (Maybe Text) Source #
The Amazon Web Services account ID that owns the certificate authority.
certificateAuthority_restorableUntil :: Lens' CertificateAuthority (Maybe UTCTime) Source #
The period during which a deleted CA can be restored. For more
information, see the PermanentDeletionTimeInDays
parameter of the
DeleteCertificateAuthorityRequest
action.
certificateAuthority_revocationConfiguration :: Lens' CertificateAuthority (Maybe RevocationConfiguration) Source #
Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA.
certificateAuthority_serial :: Lens' CertificateAuthority (Maybe Text) Source #
Serial number of your private CA.
certificateAuthority_status :: Lens' CertificateAuthority (Maybe CertificateAuthorityStatus) Source #
Status of your private CA.
certificateAuthority_type :: Lens' CertificateAuthority (Maybe CertificateAuthorityType) Source #
Type of your private CA.
certificateAuthority_usageMode :: Lens' CertificateAuthority (Maybe CertificateAuthorityUsageMode) Source #
Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.
The default value is GENERAL_PURPOSE.