Created
October 1, 2021 13:52
-
-
Save muvaf/55e8f363044671a61f2a5ddd319b91b5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "typeName": "AWS::ACMPCA::Certificate", | |
| "description": "A certificate issued via a private certificate authority", | |
| "sourceUrl": "https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_ACMPCA.html", | |
| "definitions": { | |
| "ApiPassthrough": { | |
| "description": "Structure that specifies fields to be overridden in a certificate at the time of issuance. These requires an API Passthrough template be used or they will be ignored.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "Extensions": { | |
| "$ref": "#/definitions/Extensions" | |
| }, | |
| "Subject": { | |
| "$ref": "#/definitions/Subject" | |
| } | |
| } | |
| }, | |
| "Arn": { | |
| "type": "string" | |
| }, | |
| "CertificatePolicyList": { | |
| "type": "array", | |
| "items": { | |
| "$ref": "#/definitions/PolicyInformation" | |
| } | |
| }, | |
| "ExtendedKeyUsage": { | |
| "description": "Structure that contains X.509 ExtendedKeyUsage information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "ExtendedKeyUsageType": { | |
| "type": "string" | |
| }, | |
| "ExtendedKeyUsageObjectIdentifier": { | |
| "$ref": "#/definitions/CustomObjectIdentifier" | |
| } | |
| } | |
| }, | |
| "ExtendedKeyUsageList": { | |
| "type": "array", | |
| "items": { | |
| "$ref": "#/definitions/ExtendedKeyUsage" | |
| } | |
| }, | |
| "Extensions": { | |
| "description": "Structure that contains X.500 extensions for a Certificate.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "CertificatePolicies": { | |
| "$ref": "#/definitions/CertificatePolicyList" | |
| }, | |
| "ExtendedKeyUsage": { | |
| "$ref": "#/definitions/ExtendedKeyUsageList" | |
| }, | |
| "KeyUsage": { | |
| "$ref": "#/definitions/KeyUsage" | |
| }, | |
| "SubjectAlternativeNames": { | |
| "$ref": "#/definitions/GeneralNameList" | |
| } | |
| } | |
| }, | |
| "GeneralNameList": { | |
| "type": "array", | |
| "items": { | |
| "$ref": "#/definitions/GeneralName" | |
| } | |
| }, | |
| "GeneralName": { | |
| "description": "Structure that contains X.509 GeneralName information. Assign one and ONLY one field.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "OtherName": { | |
| "$ref": "#/definitions/OtherName" | |
| }, | |
| "Rfc822Name": { | |
| "$ref": "#/definitions/Rfc822Name" | |
| }, | |
| "DnsName": { | |
| "$ref": "#/definitions/DnsName" | |
| }, | |
| "DirectoryName": { | |
| "$ref": "#/definitions/Subject" | |
| }, | |
| "EdiPartyName": { | |
| "$ref": "#/definitions/EdiPartyName" | |
| }, | |
| "UniformResourceIdentifier": { | |
| "$ref": "#/definitions/UniformResourceIdentifier" | |
| }, | |
| "IpAddress": { | |
| "$ref": "#/definitions/IpAddress" | |
| }, | |
| "RegisteredId": { | |
| "$ref": "#/definitions/CustomObjectIdentifier" | |
| } | |
| } | |
| }, | |
| "KeyUsage": { | |
| "description": "Structure that contains X.509 KeyUsage information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "DigitalSignature": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "NonRepudiation": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "KeyEncipherment": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "DataEncipherment": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "KeyAgreement": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "KeyCertSign": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "CRLSign": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "EncipherOnly": { | |
| "type": "boolean", | |
| "default": false | |
| }, | |
| "DecipherOnly": { | |
| "type": "boolean", | |
| "default": false | |
| } | |
| } | |
| }, | |
| "PolicyInformation": { | |
| "description": "Structure that contains X.509 Policy information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "CertPolicyId": { | |
| "$ref": "#/definitions/CustomObjectIdentifier" | |
| }, | |
| "PolicyQualifiers": { | |
| "$ref": "#/definitions/PolicyQualifierInfoList" | |
| } | |
| }, | |
| "required": [ | |
| "CertPolicyId" | |
| ] | |
| }, | |
| "PolicyQualifierInfo": { | |
| "description": "Structure that contains X.509 Policy qualifier information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "PolicyQualifierId": { | |
| "type": "string" | |
| }, | |
| "Qualifier": { | |
| "$ref": "#/definitions/Qualifier" | |
| } | |
| }, | |
| "required": [ | |
| "PolicyQualifierId", | |
| "Qualifier" | |
| ] | |
| }, | |
| "PolicyQualifierInfoList": { | |
| "type": "array", | |
| "items": { | |
| "$ref": "#/definitions/PolicyQualifierInfo" | |
| } | |
| }, | |
| "Qualifier": { | |
| "description": "Structure that contains a X.509 policy qualifier.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "CpsUri": { | |
| "type": "string" | |
| } | |
| }, | |
| "required": [ | |
| "CpsUri" | |
| ] | |
| }, | |
| "Subject": { | |
| "description": "Structure that contains X.500 distinguished name information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "Country": { "type": "string" }, | |
| "Organization": { "type": "string" }, | |
| "OrganizationalUnit": { "type": "string" }, | |
| "DistinguishedNameQualifier": { "type": "string" }, | |
| "State": { "type": "string" }, | |
| "CommonName": { "type": "string" }, | |
| "SerialNumber": { "type": "string" }, | |
| "Locality": { "type": "string" }, | |
| "Title": { "type": "string" }, | |
| "Surname": { "type": "string" }, | |
| "GivenName": { "type": "string" }, | |
| "Initials": { "type": "string" }, | |
| "Pseudonym": { "type": "string" }, | |
| "GenerationQualifier": { "type": "string" } | |
| } | |
| }, | |
| "Validity": { | |
| "description": "Validity for a certificate.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "Value": { | |
| "type": "number" | |
| }, | |
| "Type": { | |
| "type": "string" | |
| } | |
| }, | |
| "required": [ | |
| "Value", | |
| "Type" | |
| ] | |
| }, | |
| "CustomObjectIdentifier": { | |
| "description": "String that contains X.509 ObjectIdentifier information.", | |
| "type": "string" | |
| }, | |
| "OtherName": { | |
| "description": "Structure that contains X.509 OtherName information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "TypeId": { | |
| "$ref": "#/definitions/CustomObjectIdentifier" | |
| }, | |
| "Value": { | |
| "type": "string" | |
| } | |
| }, | |
| "required": [ | |
| "TypeId", | |
| "Value" | |
| ] | |
| }, | |
| "Rfc822Name": { | |
| "description": "String that contains X.509 Rfc822Name information.", | |
| "type": "string" | |
| }, | |
| "DnsName": { | |
| "description": "String that contains X.509 DnsName information.", | |
| "type": "string" | |
| }, | |
| "EdiPartyName": { | |
| "description": "Structure that contains X.509 EdiPartyName information.", | |
| "type": "object", | |
| "additionalProperties": false, | |
| "properties": { | |
| "PartyName": { | |
| "type": "string" | |
| }, | |
| "NameAssigner": { | |
| "type": "string" | |
| } | |
| }, | |
| "required": [ | |
| "PartyName", | |
| "NameAssigner" | |
| ] | |
| }, | |
| "UniformResourceIdentifier": { | |
| "description": "String that contains X.509 UniformResourceIdentifier information.", | |
| "type": "string" | |
| }, | |
| "IpAddress": { | |
| "description": "String that contains X.509 IpAddress information.", | |
| "type": "string" | |
| } | |
| }, | |
| "properties": { | |
| "ApiPassthrough": { | |
| "description": "These are fields to be overridden in a certificate at the time of issuance. These requires an API_Passthrough template be used or they will be ignored.", | |
| "$ref": "#/definitions/ApiPassthrough" | |
| }, | |
| "CertificateAuthorityArn": { | |
| "description": "The Amazon Resource Name (ARN) for the private CA to issue the certificate.", | |
| "$ref": "#/definitions/Arn" | |
| }, | |
| "CertificateSigningRequest": { | |
| "description": "The certificate signing request (CSR) for the Certificate.", | |
| "type": "string", | |
| "minLength": 1 | |
| }, | |
| "SigningAlgorithm": { | |
| "description": "The name of the algorithm that will be used to sign the Certificate.", | |
| "type": "string" | |
| }, | |
| "TemplateArn": { | |
| "description": "Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template.", | |
| "$ref": "#/definitions/Arn" | |
| }, | |
| "Validity": { | |
| "description": "The time before which the Certificate will be valid.", | |
| "$ref": "#/definitions/Validity" | |
| }, | |
| "ValidityNotBefore": { | |
| "description": "The time after which the Certificate will be valid.", | |
| "$ref": "#/definitions/Validity" | |
| }, | |
| "Certificate": { | |
| "description": "The issued certificate in base 64 PEM-encoded format.", | |
| "type": "string" | |
| }, | |
| "Arn": { | |
| "description": "The ARN of the issued certificate.", | |
| "$ref": "#/definitions/Arn" | |
| } | |
| }, | |
| "additionalProperties": false, | |
| "required": [ | |
| "CertificateAuthorityArn", | |
| "CertificateSigningRequest", | |
| "SigningAlgorithm", | |
| "Validity" | |
| ], | |
| "readOnlyProperties": [ | |
| "/properties/Arn", | |
| "/properties/Certificate" | |
| ], | |
| "createOnlyProperties": [ | |
| "/properties/ApiPassthrough", | |
| "/properties/CertificateAuthorityArn", | |
| "/properties/CertificateSigningRequest", | |
| "/properties/SigningAlgorithm", | |
| "/properties/TemplateArn", | |
| "/properties/Validity", | |
| "/properties/ValidityNotBefore" | |
| ], | |
| "writeOnlyProperties": [ | |
| "/properties/ApiPassthrough", | |
| "/properties/CertificateSigningRequest" | |
| ], | |
| "primaryIdentifier": [ | |
| "/properties/Arn", | |
| "/properties/CertificateAuthorityArn" | |
| ], | |
| "handlers": { | |
| "create": { | |
| "permissions": [ | |
| "acm-pca:IssueCertificate", | |
| "acm-pca:GetCertificate" | |
| ] | |
| }, | |
| "read": { | |
| "permissions": [ | |
| "acm-pca:GetCertificate" | |
| ] | |
| }, | |
| "delete": { | |
| "permissions": [ | |
| "acm-pca:GetCertificate" | |
| ] | |
| }, | |
| "update": { | |
| "permissions": [] | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment