Class CfnTemplate
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.pcaconnectorad.CfnTemplate
- All Implemented Interfaces:
IInspectable
,ITaggableV2
,software.amazon.jsii.JsiiSerializable
,software.constructs.IConstruct
,software.constructs.IDependable
@Generated(value="jsii-pacmak/1.104.0 (build e79254c)",
date="2024-11-22T02:24:05.179Z")
@Stability(Stable)
public class CfnTemplate
extends CfnResource
implements IInspectable, ITaggableV2
Creates an Active Directory compatible certificate template.
The connectors issues certificates using these templates based on the requester’s Active Directory group membership.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.pcaconnectorad.*; CfnTemplate cfnTemplate = CfnTemplate.Builder.create(this, "MyCfnTemplate") .connectorArn("connectorArn") .definition(TemplateDefinitionProperty.builder() .templateV2(TemplateV2Property.builder() .certificateValidity(CertificateValidityProperty.builder() .renewalPeriod(ValidityPeriodProperty.builder() .period(123) .periodType("periodType") .build()) .validityPeriod(ValidityPeriodProperty.builder() .period(123) .periodType("periodType") .build()) .build()) .enrollmentFlags(EnrollmentFlagsV2Property.builder() .enableKeyReuseOnNtTokenKeysetStorageFull(false) .includeSymmetricAlgorithms(false) .noSecurityExtension(false) .removeInvalidCertificateFromPersonalStore(false) .userInteractionRequired(false) .build()) .extensions(ExtensionsV2Property.builder() .keyUsage(KeyUsageProperty.builder() .usageFlags(KeyUsageFlagsProperty.builder() .dataEncipherment(false) .digitalSignature(false) .keyAgreement(false) .keyEncipherment(false) .nonRepudiation(false) .build()) // the properties below are optional .critical(false) .build()) // the properties below are optional .applicationPolicies(ApplicationPoliciesProperty.builder() .policies(List.of(ApplicationPolicyProperty.builder() .policyObjectIdentifier("policyObjectIdentifier") .policyType("policyType") .build())) // the properties below are optional .critical(false) .build()) .build()) .generalFlags(GeneralFlagsV2Property.builder() .autoEnrollment(false) .machineType(false) .build()) .privateKeyAttributes(PrivateKeyAttributesV2Property.builder() .keySpec("keySpec") .minimalKeyLength(123) // the properties below are optional .cryptoProviders(List.of("cryptoProviders")) .build()) .privateKeyFlags(PrivateKeyFlagsV2Property.builder() .clientVersion("clientVersion") // the properties below are optional .exportableKey(false) .strongKeyProtectionRequired(false) .build()) .subjectNameFlags(SubjectNameFlagsV2Property.builder() .requireCommonName(false) .requireDirectoryPath(false) .requireDnsAsCn(false) .requireEmail(false) .sanRequireDirectoryGuid(false) .sanRequireDns(false) .sanRequireDomainDns(false) .sanRequireEmail(false) .sanRequireSpn(false) .sanRequireUpn(false) .build()) // the properties below are optional .supersededTemplates(List.of("supersededTemplates")) .build()) .templateV3(TemplateV3Property.builder() .certificateValidity(CertificateValidityProperty.builder() .renewalPeriod(ValidityPeriodProperty.builder() .period(123) .periodType("periodType") .build()) .validityPeriod(ValidityPeriodProperty.builder() .period(123) .periodType("periodType") .build()) .build()) .enrollmentFlags(EnrollmentFlagsV3Property.builder() .enableKeyReuseOnNtTokenKeysetStorageFull(false) .includeSymmetricAlgorithms(false) .noSecurityExtension(false) .removeInvalidCertificateFromPersonalStore(false) .userInteractionRequired(false) .build()) .extensions(ExtensionsV3Property.builder() .keyUsage(KeyUsageProperty.builder() .usageFlags(KeyUsageFlagsProperty.builder() .dataEncipherment(false) .digitalSignature(false) .keyAgreement(false) .keyEncipherment(false) .nonRepudiation(false) .build()) // the properties below are optional .critical(false) .build()) // the properties below are optional .applicationPolicies(ApplicationPoliciesProperty.builder() .policies(List.of(ApplicationPolicyProperty.builder() .policyObjectIdentifier("policyObjectIdentifier") .policyType("policyType") .build())) // the properties below are optional .critical(false) .build()) .build()) .generalFlags(GeneralFlagsV3Property.builder() .autoEnrollment(false) .machineType(false) .build()) .hashAlgorithm("hashAlgorithm") .privateKeyAttributes(PrivateKeyAttributesV3Property.builder() .algorithm("algorithm") .keySpec("keySpec") .keyUsageProperty(KeyUsagePropertyProperty.builder() .propertyFlags(KeyUsagePropertyFlagsProperty.builder() .decrypt(false) .keyAgreement(false) .sign(false) .build()) .propertyType("propertyType") .build()) .minimalKeyLength(123) // the properties below are optional .cryptoProviders(List.of("cryptoProviders")) .build()) .privateKeyFlags(PrivateKeyFlagsV3Property.builder() .clientVersion("clientVersion") // the properties below are optional .exportableKey(false) .requireAlternateSignatureAlgorithm(false) .strongKeyProtectionRequired(false) .build()) .subjectNameFlags(SubjectNameFlagsV3Property.builder() .requireCommonName(false) .requireDirectoryPath(false) .requireDnsAsCn(false) .requireEmail(false) .sanRequireDirectoryGuid(false) .sanRequireDns(false) .sanRequireDomainDns(false) .sanRequireEmail(false) .sanRequireSpn(false) .sanRequireUpn(false) .build()) // the properties below are optional .supersededTemplates(List.of("supersededTemplates")) .build()) .templateV4(TemplateV4Property.builder() .certificateValidity(CertificateValidityProperty.builder() .renewalPeriod(ValidityPeriodProperty.builder() .period(123) .periodType("periodType") .build()) .validityPeriod(ValidityPeriodProperty.builder() .period(123) .periodType("periodType") .build()) .build()) .enrollmentFlags(EnrollmentFlagsV4Property.builder() .enableKeyReuseOnNtTokenKeysetStorageFull(false) .includeSymmetricAlgorithms(false) .noSecurityExtension(false) .removeInvalidCertificateFromPersonalStore(false) .userInteractionRequired(false) .build()) .extensions(ExtensionsV4Property.builder() .keyUsage(KeyUsageProperty.builder() .usageFlags(KeyUsageFlagsProperty.builder() .dataEncipherment(false) .digitalSignature(false) .keyAgreement(false) .keyEncipherment(false) .nonRepudiation(false) .build()) // the properties below are optional .critical(false) .build()) // the properties below are optional .applicationPolicies(ApplicationPoliciesProperty.builder() .policies(List.of(ApplicationPolicyProperty.builder() .policyObjectIdentifier("policyObjectIdentifier") .policyType("policyType") .build())) // the properties below are optional .critical(false) .build()) .build()) .generalFlags(GeneralFlagsV4Property.builder() .autoEnrollment(false) .machineType(false) .build()) .privateKeyAttributes(PrivateKeyAttributesV4Property.builder() .keySpec("keySpec") .minimalKeyLength(123) // the properties below are optional .algorithm("algorithm") .cryptoProviders(List.of("cryptoProviders")) .keyUsageProperty(KeyUsagePropertyProperty.builder() .propertyFlags(KeyUsagePropertyFlagsProperty.builder() .decrypt(false) .keyAgreement(false) .sign(false) .build()) .propertyType("propertyType") .build()) .build()) .privateKeyFlags(PrivateKeyFlagsV4Property.builder() .clientVersion("clientVersion") // the properties below are optional .exportableKey(false) .requireAlternateSignatureAlgorithm(false) .requireSameKeyRenewal(false) .strongKeyProtectionRequired(false) .useLegacyProvider(false) .build()) .subjectNameFlags(SubjectNameFlagsV4Property.builder() .requireCommonName(false) .requireDirectoryPath(false) .requireDnsAsCn(false) .requireEmail(false) .sanRequireDirectoryGuid(false) .sanRequireDns(false) .sanRequireDomainDns(false) .sanRequireEmail(false) .sanRequireSpn(false) .sanRequireUpn(false) .build()) // the properties below are optional .hashAlgorithm("hashAlgorithm") .supersededTemplates(List.of("supersededTemplates")) .build()) .build()) .name("name") // the properties below are optional .reenrollAllCertificateHolders(false) .tags(Map.of( "tagsKey", "tags")) .build();
- See Also:
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
Application policies describe what the certificate can be used for.static interface
Application policies describe what the certificate can be used for.static final class
A fluent builder forCfnTemplate
.static interface
Information describing the end of the validity period of the certificate.static interface
Template configurations for v2 template schema.static interface
Template configurations for v3 template schema.static interface
Template configurations for v4 template schema.static interface
Certificate extensions for v2 template schema.static interface
Certificate extensions for v3 template schema.static interface
Certificate extensions for v4 template schema.static interface
General flags for v2 template schema that defines if the template is for a machine or a user and if the template can be issued using autoenrollment.static interface
General flags for v3 template schema that defines if the template is for a machine or a user and if the template can be issued using autoenrollment.static interface
General flags for v4 template schema that defines if the template is for a machine or a user and if the template can be issued using autoenrollment.static interface
The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.static interface
The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.static interface
Specifies key usage.static interface
The key usage property defines the purpose of the private key contained in the certificate.static interface
Defines the attributes of the private key.static interface
Defines the attributes of the private key.static interface
Defines the attributes of the private key.static interface
Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.static interface
Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.static interface
Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.static interface
Information to include in the subject name and alternate subject name of the certificate.static interface
Information to include in the subject name and alternate subject name of the certificate.static interface
Information to include in the subject name and alternate subject name of the certificate.static interface
Template configuration to define the information included in certificates.static interface
v2 template schema that uses Legacy Cryptographic Providers.static interface
v3 template schema that uses Key Storage Providers.static interface
v4 template schema that can use either Legacy Cryptographic Providers or Key Storage Providers.static interface
Information describing the end of the validity period of the certificate.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
Nested classes/interfaces inherited from interface software.amazon.awscdk.ITaggableV2
ITaggableV2.Jsii$Default, ITaggableV2.Jsii$Proxy
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The CloudFormation resource type name for this resource class. -
Constructor Summary
ModifierConstructorDescriptionprotected
CfnTemplate
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
CfnTemplate
(software.amazon.jsii.JsiiObjectRef objRef) CfnTemplate
(software.constructs.Construct scope, String id, CfnTemplateProps props) -
Method Summary
Modifier and TypeMethodDescriptionThe Amazon Resource Name (ARN) that was returned when you called CreateTemplate .Tag Manager which manages the tags for this resource.The Amazon Resource Name (ARN) that was returned when you called CreateConnector .Template configuration to define the information included in certificates.getName()
Name of the templates.This setting allows the major version of a template to be increased automatically.getTags()
Metadata assigned to a template consisting of a key-value pair.void
inspect
(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties
(Map<String, Object> props) void
setConnectorArn
(String value) The Amazon Resource Name (ARN) that was returned when you called CreateConnector .void
setDefinition
(IResolvable value) Template configuration to define the information included in certificates.void
Template configuration to define the information included in certificates.void
Name of the templates.void
This setting allows the major version of a template to be increased automatically.void
This setting allows the major version of a template to be increased automatically.void
Metadata assigned to a template consisting of a key-value pair.Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validateProperties
Methods inherited from class software.amazon.awscdk.CfnRefElement
getRef
Methods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
Methods inherited from class software.constructs.Construct
getNode, isConstruct
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnTemplate
protected CfnTemplate(software.amazon.jsii.JsiiObjectRef objRef) -
CfnTemplate
protected CfnTemplate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnTemplate
@Stability(Stable) public CfnTemplate(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnTemplateProps props) - Parameters:
scope
- Scope in which this resource is defined. This parameter is required.id
- Construct identifier for this resource (unique in its scope). This parameter is required.props
- Resource properties. This parameter is required.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspect
in interfaceIInspectable
- Parameters:
inspector
- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderProperties
in classCfnResource
- Parameters:
props
- This parameter is required.
-
getAttrTemplateArn
The Amazon Resource Name (ARN) that was returned when you called CreateTemplate . -
getCdkTagManager
Tag Manager which manages the tags for this resource.- Specified by:
getCdkTagManager
in interfaceITaggableV2
-
getCfnProperties
- Overrides:
getCfnProperties
in classCfnResource
-
getConnectorArn
The Amazon Resource Name (ARN) that was returned when you called CreateConnector . -
setConnectorArn
The Amazon Resource Name (ARN) that was returned when you called CreateConnector . -
getDefinition
Template configuration to define the information included in certificates. -
setDefinition
Template configuration to define the information included in certificates. -
setDefinition
Template configuration to define the information included in certificates. -
getName
Name of the templates. -
setName
Name of the templates. -
getReenrollAllCertificateHolders
This setting allows the major version of a template to be increased automatically. -
setReenrollAllCertificateHolders
This setting allows the major version of a template to be increased automatically. -
setReenrollAllCertificateHolders
This setting allows the major version of a template to be increased automatically. -
getTags
Metadata assigned to a template consisting of a key-value pair. -
setTags
Metadata assigned to a template consisting of a key-value pair.
-