Amazon Private CA · Schema

UpdateCertificateAuthorityRequest

UpdateCertificateAuthorityRequest schema from Amazon Private CA API

Certificate AuthorityCertificatesPKISecurityX.509TLSIoT

Properties

Name Type Description
CertificateAuthorityArn object
RevocationConfiguration object
Status object
View JSON Schema on GitHub

JSON Schema

amazon-private-ca-update-certificate-authority-request-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-private-ca/refs/heads/main/json-schema/amazon-private-ca-update-certificate-authority-request-schema.json",
  "title": "UpdateCertificateAuthorityRequest",
  "description": "UpdateCertificateAuthorityRequest schema from Amazon Private CA API",
  "type": "object",
  "properties": {
    "CertificateAuthorityArn": {
      "allOf": [
        {
          "$ref": "#/components/schemas/Arn"
        },
        {
          "description": "<p>Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:</p> <p> <code>arn:aws:acm-pca:<i>region</i>:<i>account</i>:certificate-authority/<i>12345678-1234-1234-1234-123456789012</i> </code> </p>"
        }
      ]
    },
    "RevocationConfiguration": {
      "allOf": [
        {
          "$ref": "#/components/schemas/RevocationConfiguration"
        },
        {
          "description": "<p>Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. If this parameter is not supplied, existing capibilites remain unchanged. For more information, see the <a href=\"https://docs.aws.amazon.com/privateca/latest/APIReference/API_OcspConfiguration.html\">OcspConfiguration</a> and <a href=\"https://docs.aws.amazon.com/privateca/latest/APIReference/API_CrlConfiguration.html\">CrlConfiguration</a> types.</p> <note> <p>The following requirements apply to revocation configurations.</p> <ul> <li> <p>A configuration disabling CRLs or OCSP must contain only the <code>Enabled=False</code> parameter, and will fail if other parameters such as <code>CustomCname</code> or <code>ExpirationInDays</code> are included.</p> </li> <li> <p>In a CRL configuration, the <code>S3BucketName</code> parameter must conform to <a href=\"https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html\">Amazon S3 bucket naming rules</a>.</p> </li> <li> <p>A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to <a href=\"https://www.ietf.org/rfc/rfc2396.txt\">RFC2396</a> restrictions on the use of special characters in a CNAME. </p> </li> <li> <p>In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as \"http://\" or \"https://\".</p> </li> </ul> </note>"
        }
      ]
    },
    "Status": {
      "allOf": [
        {
          "$ref": "#/components/schemas/CertificateAuthorityStatus"
        },
        {
          "description": "Status of your private CA."
        }
      ]
    }
  },
  "required": [
    "CertificateAuthorityArn"
  ]
}