AWS::ACMPCA::Certificate KeyUsage - AWS CloudFormation

AWS::ACMPCA::Certificate KeyUsage

Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "CRLSign" : Boolean, "DataEncipherment" : Boolean, "DecipherOnly" : Boolean, "DigitalSignature" : Boolean, "EncipherOnly" : Boolean, "KeyAgreement" : Boolean, "KeyCertSign" : Boolean, "KeyEncipherment" : Boolean, "NonRepudiation" : Boolean }

YAML

CRLSign: Boolean DataEncipherment: Boolean DecipherOnly: Boolean DigitalSignature: Boolean EncipherOnly: Boolean KeyAgreement: Boolean KeyCertSign: Boolean KeyEncipherment: Boolean NonRepudiation: Boolean

Properties

CRLSign

Key can be used to sign CRLs.

Required: No

Type: Boolean

Update requires: Replacement

DataEncipherment

Key can be used to decipher data.

Required: No

Type: Boolean

Update requires: Replacement

DecipherOnly

Key can be used only to decipher data.

Required: No

Type: Boolean

Update requires: Replacement

DigitalSignature

Key can be used for digital signing.

Required: No

Type: Boolean

Update requires: Replacement

EncipherOnly

Key can be used only to encipher data.

Required: No

Type: Boolean

Update requires: Replacement

KeyAgreement

Key can be used in a key-agreement protocol.

Required: No

Type: Boolean

Update requires: Replacement

KeyCertSign

Key can be used to sign certificates.

Required: No

Type: Boolean

Update requires: Replacement

KeyEncipherment

Key can be used to encipher data.

Required: No

Type: Boolean

Update requires: Replacement

NonRepudiation

Key can be used for non-repudiation.

Required: No

Type: Boolean

Update requires: Replacement