Package software.amazon.awscdk.services.pcaconnectorad

Interface CfnTemplate.EnrollmentFlagsV2Property

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnTemplate.EnrollmentFlagsV2Property.Jsii$Proxy

Enclosing class:

CfnTemplate

@Stability(Stable)
public static interface CfnTemplate.EnrollmentFlagsV2Property
extends software.amazon.jsii.JsiiSerializable

Template configurations for v2 template schema.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.pcaconnectorad.*;
 EnrollmentFlagsV2Property enrollmentFlagsV2Property = EnrollmentFlagsV2Property.builder()
         .enableKeyReuseOnNtTokenKeysetStorageFull(false)
         .includeSymmetricAlgorithms(false)
         .noSecurityExtension(false)
         .removeInvalidCertificateFromPersonalStore(false)
         .userInteractionRequired(false)
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcaconnectorad-template-enrollmentflagsv2.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnTemplate.EnrollmentFlagsV2Property.Builder	A builder for CfnTemplate.EnrollmentFlagsV2Property
static final class	CfnTemplate.EnrollmentFlagsV2Property.Jsii$Proxy	An implementation for CfnTemplate.EnrollmentFlagsV2Property

Method Summary

Modifier and Type	Method	Description
static CfnTemplate.EnrollmentFlagsV2Property.Builder	builder()
default Object	getEnableKeyReuseOnNtTokenKeysetStorageFull()	Allow renewal using the same key.
default Object	getIncludeSymmetricAlgorithms()	Include symmetric algorithms allowed by the subject.
default Object	getNoSecurityExtension()	This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate.
default Object	getRemoveInvalidCertificateFromPersonalStore()	Delete expired or revoked certificates instead of archiving them.
default Object	getUserInteractionRequired()	Require user interaction when the subject is enrolled and the private key associated with the certificate is used.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getEnableKeyReuseOnNtTokenKeysetStorageFull

@Stability(Stable)
@Nullable
default Object getEnableKeyReuseOnNtTokenKeysetStorageFull()

Allow renewal using the same key.

Returns union: either Boolean or IResolvable

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcaconnectorad-template-enrollmentflagsv2.html#cfn-pcaconnectorad-template-enrollmentflagsv2-enablekeyreuseonnttokenkeysetstoragefull

getIncludeSymmetricAlgorithms

@Stability(Stable)
@Nullable
default Object getIncludeSymmetricAlgorithms()

Include symmetric algorithms allowed by the subject.

Returns union: either Boolean or IResolvable

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcaconnectorad-template-enrollmentflagsv2.html#cfn-pcaconnectorad-template-enrollmentflagsv2-includesymmetricalgorithms

getNoSecurityExtension

@Stability(Stable)
@Nullable
default Object getNoSecurityExtension()

This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.

Returns union: either Boolean or IResolvable

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcaconnectorad-template-enrollmentflagsv2.html#cfn-pcaconnectorad-template-enrollmentflagsv2-nosecurityextension

getRemoveInvalidCertificateFromPersonalStore

@Stability(Stable)
@Nullable
default Object getRemoveInvalidCertificateFromPersonalStore()

Delete expired or revoked certificates instead of archiving them.

Returns union: either Boolean or IResolvable

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcaconnectorad-template-enrollmentflagsv2.html#cfn-pcaconnectorad-template-enrollmentflagsv2-removeinvalidcertificatefrompersonalstore

getUserInteractionRequired

@Stability(Stable)
@Nullable
default Object getUserInteractionRequired()

Require user interaction when the subject is enrolled and the private key associated with the certificate is used.

Returns union: either Boolean or IResolvable

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-pcaconnectorad-template-enrollmentflagsv2.html#cfn-pcaconnectorad-template-enrollmentflagsv2-userinteractionrequired

builder

@Stability(Stable)
static CfnTemplate.EnrollmentFlagsV2Property.Builder builder()

Returns:

a CfnTemplate.EnrollmentFlagsV2Property.Builder of CfnTemplate.EnrollmentFlagsV2Property