Paws::ACMPCA::CreateCertificateAuthority - Arguments for method CreateCertificateAuthority on Paws::ACMPCA
This class represents the parameters used for calling the method CreateCertificateAuthority on the AWS Certificate Manager Private Certificate Authority service. Use the attributes of this class as arguments to method CreateCertificateAuthority.
You shouldn't make instances of this class. Each attribute should be used as a named argument in the call to CreateCertificateAuthority.
my $acm-pca = Paws->service('ACMPCA'); my $CreateCertificateAuthorityResponse = $acm -pca->CreateCertificateAuthority( CertificateAuthorityConfiguration => { KeyAlgorithm => 'RSA_2048', # values: RSA_2048, RSA_4096, EC_prime256v1, EC_secp384r1 SigningAlgorithm => 'SHA256WITHECDSA' , # values: SHA256WITHECDSA, SHA384WITHECDSA, SHA512WITHECDSA, SHA256WITHRSA, SHA384WITHRSA, SHA512WITHRSA Subject => { CommonName => 'MyString64', # max: 64; OPTIONAL Country => 'MyCountryCodeString', # min: 2, max: 2; OPTIONAL DistinguishedNameQualifier => 'MyASN1PrintableString64', # max: 64; OPTIONAL GenerationQualifier => 'MyString3', # max: 3; OPTIONAL GivenName => 'MyString16', # max: 16; OPTIONAL Initials => 'MyString5', # max: 5; OPTIONAL Locality => 'MyString128', # max: 128; OPTIONAL Organization => 'MyString64', # max: 64; OPTIONAL OrganizationalUnit => 'MyString64', # max: 64; OPTIONAL Pseudonym => 'MyString128', # max: 128; OPTIONAL SerialNumber => 'MyASN1PrintableString64', # max: 64; OPTIONAL State => 'MyString128', # max: 128; OPTIONAL Surname => 'MyString40', # max: 40; OPTIONAL Title => 'MyString64', # max: 64; OPTIONAL }, CsrExtensions => { KeyUsage => { CRLSign => 1, # OPTIONAL DataEncipherment => 1, # OPTIONAL DecipherOnly => 1, # OPTIONAL DigitalSignature => 1, # OPTIONAL EncipherOnly => 1, # OPTIONAL KeyAgreement => 1, # OPTIONAL KeyCertSign => 1, # OPTIONAL KeyEncipherment => 1, # OPTIONAL NonRepudiation => 1, # OPTIONAL }, # OPTIONAL SubjectInformationAccess => [ { AccessLocation => { DirectoryName => { CommonName => 'MyString64', # max: 64; OPTIONAL Country => 'MyCountryCodeString', # min: 2, max: 2; OPTIONAL DistinguishedNameQualifier => 'MyASN1PrintableString64', # max: 64; OPTIONAL GenerationQualifier => 'MyString3', # max: 3; OPTIONAL GivenName => 'MyString16', # max: 16; OPTIONAL Initials => 'MyString5', # max: 5; OPTIONAL Locality => 'MyString128', # max: 128; OPTIONAL Organization => 'MyString64', # max: 64; OPTIONAL OrganizationalUnit => 'MyString64', # max: 64; OPTIONAL Pseudonym => 'MyString128', # max: 128; OPTIONAL SerialNumber => 'MyASN1PrintableString64', # max: 64; OPTIONAL State => 'MyString128', # max: 128; OPTIONAL Surname => 'MyString40', # max: 40; OPTIONAL Title => 'MyString64', # max: 64; OPTIONAL }, DnsName => 'MyString253', # max: 253; OPTIONAL EdiPartyName => { PartyName => 'MyString256', # max: 256 NameAssigner => 'MyString256', # max: 256 }, # OPTIONAL IpAddress => 'MyString39', # max: 39; OPTIONAL OtherName => { TypeId => 'MyCustomObjectIdentifier', # max: 64 Value => 'MyString256', # max: 256 }, # OPTIONAL RegisteredId => 'MyCustomObjectIdentifier', # max: 64 Rfc822Name => 'MyString256', # max: 256 UniformResourceIdentifier => 'MyString253', # max: 253; OPTIONAL }, AccessMethod => { AccessMethodType => 'CA_REPOSITORY' , # values: CA_REPOSITORY, RESOURCE_PKI_MANIFEST, RESOURCE_PKI_NOTIFY; OPTIONAL CustomObjectIdentifier => 'MyCustomObjectIdentifier', # max: 64 }, }, ... ], # OPTIONAL }, # OPTIONAL }, CertificateAuthorityType => 'ROOT', IdempotencyToken => 'MyIdempotencyToken', # OPTIONAL KeyStorageSecurityStandard => 'FIPS_140_2_LEVEL_2_OR_HIGHER', # OPTIONAL RevocationConfiguration => { CrlConfiguration => { Enabled => 1, # OPTIONAL CustomCname => 'MyString253', # max: 253; OPTIONAL ExpirationInDays => 1, # min: 1, max: 5000; OPTIONAL S3BucketName => 'MyString3To255', # min: 3, max: 255; OPTIONAL S3ObjectAcl => 'PUBLIC_READ' , # values: PUBLIC_READ, BUCKET_OWNER_FULL_CONTROL; OPTIONAL }, # OPTIONAL }, # OPTIONAL Tags => [ { Key => 'MyTagKey', # min: 1, max: 128 Value => 'MyTagValue', # max: 256; OPTIONAL }, ... ], # OPTIONAL ); # Results: my $CertificateAuthorityArn = $CreateCertificateAuthorityResponse->CertificateAuthorityArn; # Returns a L<Paws::ACMPCA::CreateCertificateAuthorityResponse> object.
Values for attributes that are native types (Int, String, Float, etc) can passed as-is (scalar values). Values for complex Types (objects) can be passed as a HashRef. The keys and values of the hashref will be used to instance the underlying object. For the AWS API documentation, see https://docs.aws.amazon.com/goto/WebAPI/acm-pca/CreateCertificateAuthority
Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.
The type of the certificate authority.
Valid values are: "ROOT", "SUBORDINATE"
"ROOT"
"SUBORDINATE"
Custom string that can be used to distinguish between calls to the CreateCertificateAuthority action. Idempotency tokens for CreateCertificateAuthority time out after five minutes. Therefore, if you call CreateCertificateAuthority multiple times with the same idempotency token within five minutes, ACM Private CA recognizes that you are requesting only certificate authority and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificate authorities.
Specifies a cryptographic key management compliance standard used for handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in Region ap-northeast-3. When creating a CA in the ap-northeast-3, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard. Failure to do this results in an InvalidArgsException with the message, "A certificate authority cannot be created in this region with the specified security standard."
FIPS_140_2_LEVEL_3_OR_HIGHER
FIPS_140_2_LEVEL_2_OR_HIGHER
KeyStorageSecurityStandard
InvalidArgsException
Valid values are: "FIPS_140_2_LEVEL_2_OR_HIGHER", "FIPS_140_2_LEVEL_3_OR_HIGHER"
"FIPS_140_2_LEVEL_2_OR_HIGHER"
"FIPS_140_2_LEVEL_3_OR_HIGHER"
Contains a Boolean value that you can use to enable a certification revocation list (CRL) for the CA, the name of the S3 bucket to which ACM Private CA will write the CRL, and an optional CNAME alias that you can use to hide the name of your bucket in the CRL Distribution Points extension of your CA certificate. For more information, see the CrlConfiguration (https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CrlConfiguration.html) structure.
Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).
This class forms part of Paws, documenting arguments for method CreateCertificateAuthority in Paws::ACMPCA
The source code is located here: https://github.com/pplu/aws-sdk-perl
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues
To install Paws, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Paws
CPAN shell
perl -MCPAN -e shell install Paws
For more information on module installation, please visit the detailed CPAN module installation guide.