AWS::ACMPCA::CertificateAuthority KeyUsage
Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "CRLSign" :Boolean, "DataEncipherment" :Boolean, "DecipherOnly" :Boolean, "DigitalSignature" :Boolean, "EncipherOnly" :Boolean, "KeyAgreement" :Boolean, "KeyCertSign" :Boolean, "KeyEncipherment" :Boolean, "NonRepudiation" :Boolean}
YAML
CRLSign:BooleanDataEncipherment:BooleanDecipherOnly:BooleanDigitalSignature:BooleanEncipherOnly:BooleanKeyAgreement:BooleanKeyCertSign:BooleanKeyEncipherment:BooleanNonRepudiation:Boolean
Properties
-
Key can be used to sign CRLs.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used to decipher data.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used only to decipher data.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used for digital signing.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used only to encipher data.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used in a key-agreement protocol.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used to sign certificates.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used to encipher data.
Required: No
Type: Boolean
Update requires: Replacement
-
Key can be used for non-repudiation.
Required: No
Type: Boolean
Update requires: Replacement
