Package software.amazon.awscdk.services.acmpca

Class CfnCertificateAuthorityProps.Builder

java.lang.Object

software.amazon.awscdk.services.acmpca.CfnCertificateAuthorityProps.Builder

All Implemented Interfaces:

software.amazon.jsii.Builder<CfnCertificateAuthorityProps>

Enclosing interface:

CfnCertificateAuthorityProps

@Stability(Stable)
public static final class CfnCertificateAuthorityProps.Builder
extends Object
implements software.amazon.jsii.Builder<CfnCertificateAuthorityProps>

A builder for CfnCertificateAuthorityProps

Constructor Summary

Constructors

Constructor	Description
Builder()

Method Summary

Modifier and Type	Method	Description
CfnCertificateAuthorityProps	build()	Builds the configured instance.
CfnCertificateAuthorityProps.Builder	csrExtensions(IResolvable csrExtensions)	Sets the value of CfnCertificateAuthorityProps.getCsrExtensions()
CfnCertificateAuthorityProps.Builder	csrExtensions(CfnCertificateAuthority.CsrExtensionsProperty csrExtensions)	Sets the value of CfnCertificateAuthorityProps.getCsrExtensions()
CfnCertificateAuthorityProps.Builder	keyAlgorithm(String keyAlgorithm)	Sets the value of CfnCertificateAuthorityProps.getKeyAlgorithm()
CfnCertificateAuthorityProps.Builder	keyStorageSecurityStandard(String keyStorageSecurityStandard)	Sets the value of CfnCertificateAuthorityProps.getKeyStorageSecurityStandard()
CfnCertificateAuthorityProps.Builder	revocationConfiguration(IResolvable revocationConfiguration)	Sets the value of CfnCertificateAuthorityProps.getRevocationConfiguration()
CfnCertificateAuthorityProps.Builder	revocationConfiguration(CfnCertificateAuthority.RevocationConfigurationProperty revocationConfiguration)	Sets the value of CfnCertificateAuthorityProps.getRevocationConfiguration()
CfnCertificateAuthorityProps.Builder	signingAlgorithm(String signingAlgorithm)	Sets the value of CfnCertificateAuthorityProps.getSigningAlgorithm()
CfnCertificateAuthorityProps.Builder	subject(IResolvable subject)	Sets the value of CfnCertificateAuthorityProps.getSubject()
CfnCertificateAuthorityProps.Builder	subject(CfnCertificateAuthority.SubjectProperty subject)	Sets the value of CfnCertificateAuthorityProps.getSubject()
CfnCertificateAuthorityProps.Builder	tags(List<? extends CfnTag> tags)	Sets the value of CfnCertificateAuthorityProps.getTags()
CfnCertificateAuthorityProps.Builder	type(String type)	Sets the value of CfnCertificateAuthorityProps.getType()
CfnCertificateAuthorityProps.Builder	usageMode(String usageMode)	Sets the value of CfnCertificateAuthorityProps.getUsageMode()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Builder

public Builder()

Method Details

keyAlgorithm

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder keyAlgorithm(String keyAlgorithm)

Sets the value of CfnCertificateAuthorityProps.getKeyAlgorithm()

Parameters:

keyAlgorithm - Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. This parameter is required. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.

Returns:

this

signingAlgorithm

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder signingAlgorithm(String signingAlgorithm)

Sets the value of CfnCertificateAuthorityProps.getSigningAlgorithm()

Parameters:

signingAlgorithm - Name of the algorithm your private CA uses to sign certificate requests. This parameter is required. This parameter should not be confused with the SigningAlgorithm parameter used to sign certificates when they are issued.

Returns:

this

subject

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder subject(IResolvable subject)

Sets the value of CfnCertificateAuthorityProps.getSubject()

Parameters:

subject - Structure that contains X.500 distinguished name information for your private CA. This parameter is required.

Returns:

this

subject

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder subject(CfnCertificateAuthority.SubjectProperty subject)

Sets the value of CfnCertificateAuthorityProps.getSubject()

Parameters:

subject - Structure that contains X.500 distinguished name information for your private CA. This parameter is required.

Returns:

this

type

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder type(String type)

Sets the value of CfnCertificateAuthorityProps.getType()

Parameters:

type - Type of your private CA. This parameter is required.

Returns:

this

csrExtensions

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder csrExtensions(IResolvable csrExtensions)

Sets the value of CfnCertificateAuthorityProps.getCsrExtensions()

Parameters:

csrExtensions - Specifies information to be added to the extension section of the certificate signing request (CSR).

Returns:

this

csrExtensions

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder csrExtensions(CfnCertificateAuthority.CsrExtensionsProperty csrExtensions)

Sets the value of CfnCertificateAuthorityProps.getCsrExtensions()

Parameters:

csrExtensions - Specifies information to be added to the extension section of the certificate signing request (CSR).

Returns:

this

keyStorageSecurityStandard

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder keyStorageSecurityStandard(String keyStorageSecurityStandard)

Sets the value of CfnCertificateAuthorityProps.getKeyStorageSecurityStandard()

Parameters:

keyStorageSecurityStandard - Specifies a cryptographic key management compliance standard used for handling CA keys. Default: FIPS_140_2_LEVEL_3_OR_HIGHER

Some AWS Regions do not support the default. When creating a CA in these Regions, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard . Failure to do this results in an InvalidArgsException with the message, "A certificate authority cannot be created in this region with the specified security standard."

For information about security standard support in various Regions, see Storage and security compliance of AWS Private CA private keys .

Returns:

this

revocationConfiguration

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder revocationConfiguration(IResolvable revocationConfiguration)

Sets the value of CfnCertificateAuthorityProps.getRevocationConfiguration()

Parameters:

revocationConfiguration - Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see RevokeCertificate in the AWS Private CA API Reference and Setting up a certificate revocation method in the AWS Private CA User Guide .

The following requirements apply to revocation configurations.

• A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail if other parameters such as CustomCname or ExpirationInDays are included.
• In a CRL configuration, the S3BucketName parameter must conform to the Amazon S3 bucket naming rules .
• A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
• In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".

Returns:

this

revocationConfiguration

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder revocationConfiguration(CfnCertificateAuthority.RevocationConfigurationProperty revocationConfiguration)

Sets the value of CfnCertificateAuthorityProps.getRevocationConfiguration()

Parameters:

revocationConfiguration - Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see RevokeCertificate in the AWS Private CA API Reference and Setting up a certificate revocation method in the AWS Private CA User Guide .

The following requirements apply to revocation configurations.

• A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail if other parameters such as CustomCname or ExpirationInDays are included.
• In a CRL configuration, the S3BucketName parameter must conform to the Amazon S3 bucket naming rules .
• A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
• In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".

Returns:

this

tags

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder tags(List<? extends CfnTag> tags)

Sets the value of CfnCertificateAuthorityProps.getTags()

Parameters:

tags - Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags .

Returns:

this

usageMode

@Stability(Stable)
public CfnCertificateAuthorityProps.Builder usageMode(String usageMode)

Sets the value of CfnCertificateAuthorityProps.getUsageMode()

Parameters:

usageMode - Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.

The default value is GENERAL_PURPOSE.

Returns:

this

build

@Stability(Stable)
public CfnCertificateAuthorityProps build()

Builds the configured instance.

Specified by:

build in interface software.amazon.jsii.Builder<CfnCertificateAuthorityProps>

Returns:

a new instance of CfnCertificateAuthorityProps

Throws:

NullPointerException - if any required attribute was not provided