interface TemplateDefinitionProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.aws_pcaconnectorad.CfnTemplate.TemplateDefinitionProperty |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awspcaconnectorad#CfnTemplate_TemplateDefinitionProperty |
 Java | software.amazon.awscdk.services.pcaconnectorad.CfnTemplate.TemplateDefinitionProperty |
 Python | aws_cdk.aws_pcaconnectorad.CfnTemplate.TemplateDefinitionProperty |
 TypeScript | aws-cdk-lib » aws_pcaconnectorad » CfnTemplate » TemplateDefinitionProperty |
Template configuration to define the information included in certificates.
Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_pcaconnectorad as pcaconnectorad } from 'aws-cdk-lib';
const templateDefinitionProperty: pcaconnectorad.CfnTemplate.TemplateDefinitionProperty = {
templateV2: {
certificateValidity: {
renewalPeriod: {
period: 123,
periodType: 'periodType',
},
validityPeriod: {
period: 123,
periodType: 'periodType',
},
},
enrollmentFlags: {
enableKeyReuseOnNtTokenKeysetStorageFull: false,
includeSymmetricAlgorithms: false,
noSecurityExtension: false,
removeInvalidCertificateFromPersonalStore: false,
userInteractionRequired: false,
},
extensions: {
keyUsage: {
usageFlags: {
dataEncipherment: false,
digitalSignature: false,
keyAgreement: false,
keyEncipherment: false,
nonRepudiation: false,
},
// the properties below are optional
critical: false,
},
// the properties below are optional
applicationPolicies: {
policies: [{
policyObjectIdentifier: 'policyObjectIdentifier',
policyType: 'policyType',
}],
// the properties below are optional
critical: false,
},
},
generalFlags: {
autoEnrollment: false,
machineType: false,
},
privateKeyAttributes: {
keySpec: 'keySpec',
minimalKeyLength: 123,
// the properties below are optional
cryptoProviders: ['cryptoProviders'],
},
privateKeyFlags: {
clientVersion: 'clientVersion',
// the properties below are optional
exportableKey: false,
strongKeyProtectionRequired: false,
},
subjectNameFlags: {
requireCommonName: false,
requireDirectoryPath: false,
requireDnsAsCn: false,
requireEmail: false,
sanRequireDirectoryGuid: false,
sanRequireDns: false,
sanRequireDomainDns: false,
sanRequireEmail: false,
sanRequireSpn: false,
sanRequireUpn: false,
},
// the properties below are optional
supersededTemplates: ['supersededTemplates'],
},
templateV3: {
certificateValidity: {
renewalPeriod: {
period: 123,
periodType: 'periodType',
},
validityPeriod: {
period: 123,
periodType: 'periodType',
},
},
enrollmentFlags: {
enableKeyReuseOnNtTokenKeysetStorageFull: false,
includeSymmetricAlgorithms: false,
noSecurityExtension: false,
removeInvalidCertificateFromPersonalStore: false,
userInteractionRequired: false,
},
extensions: {
keyUsage: {
usageFlags: {
dataEncipherment: false,
digitalSignature: false,
keyAgreement: false,
keyEncipherment: false,
nonRepudiation: false,
},
// the properties below are optional
critical: false,
},
// the properties below are optional
applicationPolicies: {
policies: [{
policyObjectIdentifier: 'policyObjectIdentifier',
policyType: 'policyType',
}],
// the properties below are optional
critical: false,
},
},
generalFlags: {
autoEnrollment: false,
machineType: false,
},
hashAlgorithm: 'hashAlgorithm',
privateKeyAttributes: {
algorithm: 'algorithm',
keySpec: 'keySpec',
keyUsageProperty: {
propertyFlags: {
decrypt: false,
keyAgreement: false,
sign: false,
},
propertyType: 'propertyType',
},
minimalKeyLength: 123,
// the properties below are optional
cryptoProviders: ['cryptoProviders'],
},
privateKeyFlags: {
clientVersion: 'clientVersion',
// the properties below are optional
exportableKey: false,
requireAlternateSignatureAlgorithm: false,
strongKeyProtectionRequired: false,
},
subjectNameFlags: {
requireCommonName: false,
requireDirectoryPath: false,
requireDnsAsCn: false,
requireEmail: false,
sanRequireDirectoryGuid: false,
sanRequireDns: false,
sanRequireDomainDns: false,
sanRequireEmail: false,
sanRequireSpn: false,
sanRequireUpn: false,
},
// the properties below are optional
supersededTemplates: ['supersededTemplates'],
},
templateV4: {
certificateValidity: {
renewalPeriod: {
period: 123,
periodType: 'periodType',
},
validityPeriod: {
period: 123,
periodType: 'periodType',
},
},
enrollmentFlags: {
enableKeyReuseOnNtTokenKeysetStorageFull: false,
includeSymmetricAlgorithms: false,
noSecurityExtension: false,
removeInvalidCertificateFromPersonalStore: false,
userInteractionRequired: false,
},
extensions: {
keyUsage: {
usageFlags: {
dataEncipherment: false,
digitalSignature: false,
keyAgreement: false,
keyEncipherment: false,
nonRepudiation: false,
},
// the properties below are optional
critical: false,
},
// the properties below are optional
applicationPolicies: {
policies: [{
policyObjectIdentifier: 'policyObjectIdentifier',
policyType: 'policyType',
}],
// the properties below are optional
critical: false,
},
},
generalFlags: {
autoEnrollment: false,
machineType: false,
},
privateKeyAttributes: {
keySpec: 'keySpec',
minimalKeyLength: 123,
// the properties below are optional
algorithm: 'algorithm',
cryptoProviders: ['cryptoProviders'],
keyUsageProperty: {
propertyFlags: {
decrypt: false,
keyAgreement: false,
sign: false,
},
propertyType: 'propertyType',
},
},
privateKeyFlags: {
clientVersion: 'clientVersion',
// the properties below are optional
exportableKey: false,
requireAlternateSignatureAlgorithm: false,
requireSameKeyRenewal: false,
strongKeyProtectionRequired: false,
useLegacyProvider: false,
},
subjectNameFlags: {
requireCommonName: false,
requireDirectoryPath: false,
requireDnsAsCn: false,
requireEmail: false,
sanRequireDirectoryGuid: false,
sanRequireDns: false,
sanRequireDomainDns: false,
sanRequireEmail: false,
sanRequireSpn: false,
sanRequireUpn: false,
},
// the properties below are optional
hashAlgorithm: 'hashAlgorithm',
supersededTemplates: ['supersededTemplates'],
},
};
Properties
| Name | Type | Description |
|---|---|---|
| template | IResolvable | Template | Template configuration to define the information included in certificates. |
| template | IResolvable | Template | Template configuration to define the information included in certificates. |
| template | IResolvable | Template | Template configuration to define the information included in certificates. |
templateV2?
Type:
IResolvable | Template
(optional)
Template configuration to define the information included in certificates.
Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.
templateV3?
Type:
IResolvable | Template
(optional)
Template configuration to define the information included in certificates.
Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.
templateV4?
Type:
IResolvable | Template
(optional)
Template configuration to define the information included in certificates.
Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.