Private certificate authority.
key_algorithm
(String) Public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate.signing_algorithm
(String) Algorithm your CA uses to sign certificate requests.subject
(Attributes) Structure that contains X.500 distinguished name information for your CA. (see below for nested schema)type
(String) The type of the certificate authority.csr_extensions
(Attributes) Structure that contains CSR pass through extension information used by the CreateCertificateAuthority action. (see below for nested schema)key_storage_security_standard
(String) KeyStorageSecurityStadard defines a cryptographic key management compliance standard used for handling CA keys.revocation_configuration
(Attributes) Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. (see below for nested schema)tags
(Attributes List) (see below for nested schema)usage_mode
(String) Usage mode of the ceritificate authority.arn
(String) The Amazon Resource Name (ARN) of the certificate authority.certificate_signing_request
(String) The base64 PEM-encoded certificate signing request (CSR) for your certificate authority certificate.id
(String) Uniquely identifies the resource.subject
Optional:
common_name
(String)country
(String)custom_attributes
(Attributes List) Array of X.500 attribute type and value. CustomAttributes cannot be used along with pre-defined attributes. (see below for nested schema)distinguished_name_qualifier
(String)generation_qualifier
(String)given_name
(String)initials
(String)locality
(String)organization
(String)organizational_unit
(String)pseudonym
(String)serial_number
(String)state
(String)surname
(String)title
(String)subject.custom_attributes
Required:
object_identifier
(String) String that contains X.509 ObjectIdentifier information.value
(String)csr_extensions
Optional:
key_usage
(Attributes) Structure that contains X.509 KeyUsage information. (see below for nested schema)subject_information_access
(Attributes List) Array of X.509 AccessDescription. (see below for nested schema)csr_extensions.key_usage
Optional:
crl_sign
(Boolean)data_encipherment
(Boolean)decipher_only
(Boolean)digital_signature
(Boolean)encipher_only
(Boolean)key_agreement
(Boolean)key_cert_sign
(Boolean)key_encipherment
(Boolean)non_repudiation
(Boolean)csr_extensions.subject_information_access
Required:
access_location
(Attributes) Structure that contains X.509 GeneralName information. Assign one and ONLY one field. (see below for nested schema)access_method
(Attributes) Structure that contains X.509 AccessMethod information. Assign one and ONLY one field. (see below for nested schema)csr_extensions.subject_information_access.access_location
Optional:
directory_name
(Attributes) Structure that contains X.500 distinguished name information for your CA. (see below for nested schema)dns_name
(String) String that contains X.509 DnsName information.edi_party_name
(Attributes) Structure that contains X.509 EdiPartyName information. (see below for nested schema)ip_address
(String) String that contains X.509 IpAddress information.other_name
(Attributes) Structure that contains X.509 OtherName information. (see below for nested schema)registered_id
(String) String that contains X.509 ObjectIdentifier information.rfc_822_name
(String) String that contains X.509 Rfc822Name information.uniform_resource_identifier
(String) String that contains X.509 UniformResourceIdentifier information.csr_extensions.subject_information_access.access_location.directory_name
Optional:
common_name
(String)country
(String)custom_attributes
(Attributes List) Array of X.500 attribute type and value. CustomAttributes cannot be used along with pre-defined attributes. (see below for nested schema)distinguished_name_qualifier
(String)generation_qualifier
(String)given_name
(String)initials
(String)locality
(String)organization
(String)organizational_unit
(String)pseudonym
(String)serial_number
(String)state
(String)surname
(String)title
(String)csr_extensions.subject_information_access.access_location.uniform_resource_identifier.custom_attributes
Required:
object_identifier
(String) String that contains X.509 ObjectIdentifier information.value
(String)csr_extensions.subject_information_access.access_location.edi_party_name
Required:
party_name
(String)Optional:
name_assigner
(String)csr_extensions.subject_information_access.access_location.other_name
Required:
type_id
(String) String that contains X.509 ObjectIdentifier information.value
(String)csr_extensions.subject_information_access.access_method
Optional:
access_method_type
(String) Pre-defined enum string for X.509 AccessMethod ObjectIdentifiers.custom_object_identifier
(String) String that contains X.509 ObjectIdentifier information.revocation_configuration
Optional:
crl_configuration
(Attributes) Your certificate authority can create and maintain a certificate revocation list (CRL). A CRL contains information about certificates that have been revoked. (see below for nested schema)ocsp_configuration
(Attributes) Helps to configure online certificate status protocol (OCSP) responder for your certificate authority (see below for nested schema)revocation_configuration.crl_configuration
Required:
enabled
(Boolean)Optional:
crl_distribution_point_extension_configuration
(Attributes) Configures the default behavior of the CRL Distribution Point extension for certificates issued by your certificate authority (see below for nested schema)custom_cname
(String)expiration_in_days
(Number)s3_bucket_name
(String)s3_object_acl
(String)revocation_configuration.crl_configuration.crl_distribution_point_extension_configuration
Required:
omit_extension
(Boolean)revocation_configuration.ocsp_configuration
Required:
enabled
(Boolean)Optional:
ocsp_custom_cname
(String)tags
Required:
key
(String)Optional:
value
(String)Import is supported using the following syntax:
$ terraform import awscc_acmpca_certificate_authority.example <resource ID>