Skip to content

Commit

Permalink
docs(client-acm-pca): Document-only update to refresh CLI documentati…
Browse files Browse the repository at this point in the history
…on for AWS Private CA. No change to the service.
  • Loading branch information
awstools committed Jun 9, 2023
1 parent 20a210e commit 72364d2
Show file tree
Hide file tree
Showing 4 changed files with 567 additions and 1,511 deletions.
2 changes: 1 addition & 1 deletion clients/client-acm-pca/src/endpoint/EndpointParameters.ts
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ export const resolveClientEndpointParameters = <T>(
};

export interface EndpointParameters extends __EndpointParameters {
Region: string;
Region?: string;
UseDualStack?: boolean;
UseFIPS?: boolean;
Endpoint?: string;
Expand Down
42 changes: 21 additions & 21 deletions clients/client-acm-pca/src/endpoint/ruleset.ts
Original file line number Diff line number Diff line change
Expand Up @@ -6,27 +6,27 @@ import { RuleSetObject } from "@aws-sdk/util-endpoints";
or see "smithy.rules#endpointRuleSet"
in codegen/sdk-codegen/aws-models/acm-pca.json */

const t="fn",
const s="required",
t="fn",
u="argv",
v="ref";
const a=true,
b=false,
c="String",
d="PartitionResult",
e="tree",
f="error",
g="endpoint",
h="getAttr",
i={"required":true,"default":false,"type":"Boolean"},
j={[v]:"Endpoint"},
k={[t]:"booleanEquals",[u]:[{[v]:"UseFIPS"},true]},
l={[t]:"booleanEquals",[u]:[{[v]:"UseDualStack"},true]},
m={},
n={[t]:"booleanEquals",[u]:[true,{[t]:h,[u]:[{[v]:d},"supportsFIPS"]}]},
o={[v]:d},
p={[t]:"booleanEquals",[u]:[true,{[t]:h,[u]:[o,"supportsDualStack"]}]},
q={"url":"https://acm-pca.{Region}.{PartitionResult#dnsSuffix}","properties":{},"headers":{}},
r=[k],
s=[l];
const _data={version:"1.0",parameters:{Region:{required:a,type:c},UseDualStack:i,UseFIPS:i,Endpoint:{required:b,type:c}},rules:[{conditions:[{[t]:"aws.partition",[u]:[{[v]:"Region"}],assign:d}],type:e,rules:[{conditions:[{[t]:"isSet",[u]:[j]}],type:e,rules:[{conditions:r,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:f},{type:e,rules:[{conditions:s,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:f},{endpoint:{url:j,properties:m,headers:m},type:g}]}]},{conditions:[k,l],type:e,rules:[{conditions:[n,p],type:e,rules:[{endpoint:{url:"https://acm-pca-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:g}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:f}]},{conditions:r,type:e,rules:[{conditions:[n],type:e,rules:[{type:e,rules:[{conditions:[{[t]:"stringEquals",[u]:["aws-us-gov",{[t]:h,[u]:[o,"name"]}]}],endpoint:q,type:g},{endpoint:{url:"https://acm-pca-fips.{Region}.{PartitionResult#dnsSuffix}",properties:m,headers:m},type:g}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:f}]},{conditions:s,type:e,rules:[{conditions:[p],type:e,rules:[{endpoint:{url:"https://acm-pca.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:m,headers:m},type:g}]},{error:"DualStack is enabled but this partition does not support DualStack",type:f}]},{endpoint:q,type:g}]}]};
const a="isSet",
b="tree",
c="error",
d="endpoint",
e="PartitionResult",
f="getAttr",
g={[s]:false,"type":"String"},
h={[s]:true,"default":false,"type":"Boolean"},
i={[v]:"Endpoint"},
j={[t]:"booleanEquals",[u]:[{[v]:"UseFIPS"},true]},
k={[t]:"booleanEquals",[u]:[{[v]:"UseDualStack"},true]},
l={},
m={[t]:"booleanEquals",[u]:[true,{[t]:f,[u]:[{[v]:e},"supportsFIPS"]}]},
n={[v]:e},
o={[t]:"booleanEquals",[u]:[true,{[t]:f,[u]:[n,"supportsDualStack"]}]},
p=[j],
q=[k],
r=[{[v]:"Region"}];
const _data={version:"1.0",parameters:{Region:g,UseDualStack:h,UseFIPS:h,Endpoint:g},rules:[{conditions:[{[t]:a,[u]:[i]}],type:b,rules:[{conditions:p,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:c},{type:b,rules:[{conditions:q,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:c},{endpoint:{url:i,properties:l,headers:l},type:d}]}]},{type:b,rules:[{conditions:[{[t]:a,[u]:r}],type:b,rules:[{conditions:[{[t]:"aws.partition",[u]:r,assign:e}],type:b,rules:[{conditions:[j,k],type:b,rules:[{conditions:[m,o],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://acm-pca-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:d}]}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:c}]},{conditions:p,type:b,rules:[{conditions:[m],type:b,rules:[{type:b,rules:[{conditions:[{[t]:"stringEquals",[u]:["aws-us-gov",{[t]:f,[u]:[n,"name"]}]}],endpoint:{url:"https://acm-pca.{Region}.amazonaws.com",properties:l,headers:l},type:d},{endpoint:{url:"https://acm-pca-fips.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:d}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:c}]},{conditions:q,type:b,rules:[{conditions:[o],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://acm-pca.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:l,headers:l},type:d}]}]},{error:"DualStack is enabled but this partition does not support DualStack",type:c}]},{type:b,rules:[{endpoint:{url:"https://acm-pca.{Region}.{PartitionResult#dnsSuffix}",properties:l,headers:l},type:d}]}]}]},{error:"Invalid Configuration: Missing Region",type:c}]}]};
export const ruleSet: RuleSetObject = _data;
33 changes: 13 additions & 20 deletions clients/client-acm-pca/src/models/models_0.ts
Original file line number Diff line number Diff line change
Expand Up @@ -780,23 +780,15 @@ export interface CreateCertificateAuthorityRequest {
* <p>Specifies a cryptographic key management compliance standard used for handling CA
* keys.</p>
* <p>Default: FIPS_140_2_LEVEL_3_OR_HIGHER</p>
* <p>
* <i>Note:</i>
* <code>FIPS_140_2_LEVEL_3_OR_HIGHER</code> is not supported in the following
* Regions:</p>
* <ul>
* <li>
* <p>ap-northeast-3</p>
* </li>
* <li>
* <p>ap-southeast-3</p>
* </li>
* </ul>
* <p>When creating a CA in these Regions, you must provide
* <code>FIPS_140_2_LEVEL_2_OR_HIGHER</code> as the argument for
* <code>KeyStorageSecurityStandard</code>. Failure to do this results in an
* <code>InvalidArgsException</code> with the message, "A certificate authority cannot
* be created in this region with the specified security standard."</p>
* <note>
* <p>Some Amazon Web Services Regions do not support the default. When creating a CA in these Regions, you
* must provide <code>FIPS_140_2_LEVEL_2_OR_HIGHER</code> as the argument for
* <code>KeyStorageSecurityStandard</code>. Failure to do this results in an
* <code>InvalidArgsException</code> with the message, "A certificate authority
* cannot be created in this region with the specified security standard."</p>
* <p>For information about security standard support in various Regions, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys">Storage
* and security compliance of Amazon Web Services Private CA private keys</a>.</p>
* </note>
*/
KeyStorageSecurityStandard?: KeyStorageSecurityStandard | string;

Expand Down Expand Up @@ -2018,8 +2010,8 @@ export interface IssueCertificateRequest {
* <p>This parameter should not be confused with the <code>SigningAlgorithm</code> parameter
* used to sign a CSR in the <code>CreateCertificateAuthority</code> action.</p>
* <note>
* <p>The specified signing algorithm family (RSA or ECDSA) much match the algorithm
* family of the CA's secret key.</p>
* <p>The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of
* the CA's secret key.</p>
* </note>
*/
SigningAlgorithm: SigningAlgorithm | string | undefined;
Expand Down Expand Up @@ -2067,7 +2059,8 @@ export interface IssueCertificateRequest {
* parameter is optional.</p>
* <p>The <code>ValidityNotBefore</code> value is expressed as an explicit date and time,
* using the <code>Validity</code> type value <code>ABSOLUTE</code>. For more information,
* see <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_Validity.html">Validity</a> in this API reference and <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5">Validity</a>
* see <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_Validity.html">Validity</a> in
* this API reference and <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5">Validity</a>
* in RFC 5280.</p>
*/
ValidityNotBefore?: Validity;
Expand Down
Loading

0 comments on commit 72364d2

Please sign in to comment.