aws-cdk-lib.aws_acmpca.CfnCertificateAuthority.CsrExtensionsProperty

interface CsrExtensionsProperty

LanguageType name
.NETAmazon.CDK.AWS.ACMPCA.CfnCertificateAuthority.CsrExtensionsProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsacmpca#CfnCertificateAuthority_CsrExtensionsProperty
Javasoftware.amazon.awscdk.services.acmpca.CfnCertificateAuthority.CsrExtensionsProperty
Pythonaws_cdk.aws_acmpca.CfnCertificateAuthority.CsrExtensionsProperty
TypeScript aws-cdk-lib » aws_acmpca » CfnCertificateAuthority » CsrExtensionsProperty

Describes the certificate extensions to be added to the certificate signing request (CSR).

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_acmpca as acmpca } from 'aws-cdk-lib';
const csrExtensionsProperty: acmpca.CfnCertificateAuthority.CsrExtensionsProperty = {
  keyUsage: {
    crlSign: false,
    dataEncipherment: false,
    decipherOnly: false,
    digitalSignature: false,
    encipherOnly: false,
    keyAgreement: false,
    keyCertSign: false,
    keyEncipherment: false,
    nonRepudiation: false,
  },
  subjectInformationAccess: [{
    accessLocation: {
      directoryName: {
        commonName: 'commonName',
        country: 'country',
        customAttributes: [{
          objectIdentifier: 'objectIdentifier',
          value: 'value',
        }],
        distinguishedNameQualifier: 'distinguishedNameQualifier',
        generationQualifier: 'generationQualifier',
        givenName: 'givenName',
        initials: 'initials',
        locality: 'locality',
        organization: 'organization',
        organizationalUnit: 'organizationalUnit',
        pseudonym: 'pseudonym',
        serialNumber: 'serialNumber',
        state: 'state',
        surname: 'surname',
        title: 'title',
      },
      dnsName: 'dnsName',
      ediPartyName: {
        nameAssigner: 'nameAssigner',
        partyName: 'partyName',
      },
      ipAddress: 'ipAddress',
      otherName: {
        typeId: 'typeId',
        value: 'value',
      },
      registeredId: 'registeredId',
      rfc822Name: 'rfc822Name',
      uniformResourceIdentifier: 'uniformResourceIdentifier',
    },
    accessMethod: {
      accessMethodType: 'accessMethodType',
      customObjectIdentifier: 'customObjectIdentifier',
    },
  }],
};

Properties

NameTypeDescription
keyUsage?IResolvable | KeyUsagePropertyIndicates the purpose of the certificate and of the key contained in the certificate.
subjectInformationAccess?IResolvable | IResolvable | AccessDescriptionProperty[]For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy.

keyUsage?

Type: IResolvable | KeyUsageProperty (optional)

Indicates the purpose of the certificate and of the key contained in the certificate.


subjectInformationAccess?

Type: IResolvable | IResolvable | AccessDescriptionProperty[] (optional)

For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy.

For more information, see Subject Information Access in RFC 5280.