Class CfnTemplate
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.CfnElement
software.amazon.awscdk.CfnRefElement
software.amazon.awscdk.CfnResource
software.amazon.awscdk.services.pcaconnectorad.CfnTemplate
- All Implemented Interfaces:
IInspectable,ITaggableV2,ITemplateRef,software.amazon.jsii.JsiiSerializable,software.constructs.IConstruct,software.constructs.IDependable
@Generated(value="jsii-pacmak/1.116.0 (build 0eddcff)",
date="2025-10-29T11:15:44.468Z")
@Stability(Stable)
public class CfnTemplate
extends CfnResource
implements IInspectable, ITemplateRef, ITaggableV2
Creates an Active Directory compatible certificate template.
The connectors issues certificates using these templates based on the requester’s Active Directory group membership.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import software.amazon.awscdk.services.pcaconnectorad.*;
CfnTemplate cfnTemplate = CfnTemplate.Builder.create(this, "MyCfnTemplate")
.connectorArn("connectorArn")
.definition(TemplateDefinitionProperty.builder()
.templateV2(TemplateV2Property.builder()
.certificateValidity(CertificateValidityProperty.builder()
.renewalPeriod(ValidityPeriodProperty.builder()
.period(123)
.periodType("periodType")
.build())
.validityPeriod(ValidityPeriodProperty.builder()
.period(123)
.periodType("periodType")
.build())
.build())
.enrollmentFlags(EnrollmentFlagsV2Property.builder()
.enableKeyReuseOnNtTokenKeysetStorageFull(false)
.includeSymmetricAlgorithms(false)
.noSecurityExtension(false)
.removeInvalidCertificateFromPersonalStore(false)
.userInteractionRequired(false)
.build())
.extensions(ExtensionsV2Property.builder()
.keyUsage(KeyUsageProperty.builder()
.usageFlags(KeyUsageFlagsProperty.builder()
.dataEncipherment(false)
.digitalSignature(false)
.keyAgreement(false)
.keyEncipherment(false)
.nonRepudiation(false)
.build())
// the properties below are optional
.critical(false)
.build())
// the properties below are optional
.applicationPolicies(ApplicationPoliciesProperty.builder()
.policies(List.of(ApplicationPolicyProperty.builder()
.policyObjectIdentifier("policyObjectIdentifier")
.policyType("policyType")
.build()))
// the properties below are optional
.critical(false)
.build())
.build())
.generalFlags(GeneralFlagsV2Property.builder()
.autoEnrollment(false)
.machineType(false)
.build())
.privateKeyAttributes(PrivateKeyAttributesV2Property.builder()
.keySpec("keySpec")
.minimalKeyLength(123)
// the properties below are optional
.cryptoProviders(List.of("cryptoProviders"))
.build())
.privateKeyFlags(PrivateKeyFlagsV2Property.builder()
.clientVersion("clientVersion")
// the properties below are optional
.exportableKey(false)
.strongKeyProtectionRequired(false)
.build())
.subjectNameFlags(SubjectNameFlagsV2Property.builder()
.requireCommonName(false)
.requireDirectoryPath(false)
.requireDnsAsCn(false)
.requireEmail(false)
.sanRequireDirectoryGuid(false)
.sanRequireDns(false)
.sanRequireDomainDns(false)
.sanRequireEmail(false)
.sanRequireSpn(false)
.sanRequireUpn(false)
.build())
// the properties below are optional
.supersededTemplates(List.of("supersededTemplates"))
.build())
.templateV3(TemplateV3Property.builder()
.certificateValidity(CertificateValidityProperty.builder()
.renewalPeriod(ValidityPeriodProperty.builder()
.period(123)
.periodType("periodType")
.build())
.validityPeriod(ValidityPeriodProperty.builder()
.period(123)
.periodType("periodType")
.build())
.build())
.enrollmentFlags(EnrollmentFlagsV3Property.builder()
.enableKeyReuseOnNtTokenKeysetStorageFull(false)
.includeSymmetricAlgorithms(false)
.noSecurityExtension(false)
.removeInvalidCertificateFromPersonalStore(false)
.userInteractionRequired(false)
.build())
.extensions(ExtensionsV3Property.builder()
.keyUsage(KeyUsageProperty.builder()
.usageFlags(KeyUsageFlagsProperty.builder()
.dataEncipherment(false)
.digitalSignature(false)
.keyAgreement(false)
.keyEncipherment(false)
.nonRepudiation(false)
.build())
// the properties below are optional
.critical(false)
.build())
// the properties below are optional
.applicationPolicies(ApplicationPoliciesProperty.builder()
.policies(List.of(ApplicationPolicyProperty.builder()
.policyObjectIdentifier("policyObjectIdentifier")
.policyType("policyType")
.build()))
// the properties below are optional
.critical(false)
.build())
.build())
.generalFlags(GeneralFlagsV3Property.builder()
.autoEnrollment(false)
.machineType(false)
.build())
.hashAlgorithm("hashAlgorithm")
.privateKeyAttributes(PrivateKeyAttributesV3Property.builder()
.algorithm("algorithm")
.keySpec("keySpec")
.keyUsageProperty(KeyUsagePropertyProperty.builder()
.propertyFlags(KeyUsagePropertyFlagsProperty.builder()
.decrypt(false)
.keyAgreement(false)
.sign(false)
.build())
.propertyType("propertyType")
.build())
.minimalKeyLength(123)
// the properties below are optional
.cryptoProviders(List.of("cryptoProviders"))
.build())
.privateKeyFlags(PrivateKeyFlagsV3Property.builder()
.clientVersion("clientVersion")
// the properties below are optional
.exportableKey(false)
.requireAlternateSignatureAlgorithm(false)
.strongKeyProtectionRequired(false)
.build())
.subjectNameFlags(SubjectNameFlagsV3Property.builder()
.requireCommonName(false)
.requireDirectoryPath(false)
.requireDnsAsCn(false)
.requireEmail(false)
.sanRequireDirectoryGuid(false)
.sanRequireDns(false)
.sanRequireDomainDns(false)
.sanRequireEmail(false)
.sanRequireSpn(false)
.sanRequireUpn(false)
.build())
// the properties below are optional
.supersededTemplates(List.of("supersededTemplates"))
.build())
.templateV4(TemplateV4Property.builder()
.certificateValidity(CertificateValidityProperty.builder()
.renewalPeriod(ValidityPeriodProperty.builder()
.period(123)
.periodType("periodType")
.build())
.validityPeriod(ValidityPeriodProperty.builder()
.period(123)
.periodType("periodType")
.build())
.build())
.enrollmentFlags(EnrollmentFlagsV4Property.builder()
.enableKeyReuseOnNtTokenKeysetStorageFull(false)
.includeSymmetricAlgorithms(false)
.noSecurityExtension(false)
.removeInvalidCertificateFromPersonalStore(false)
.userInteractionRequired(false)
.build())
.extensions(ExtensionsV4Property.builder()
.keyUsage(KeyUsageProperty.builder()
.usageFlags(KeyUsageFlagsProperty.builder()
.dataEncipherment(false)
.digitalSignature(false)
.keyAgreement(false)
.keyEncipherment(false)
.nonRepudiation(false)
.build())
// the properties below are optional
.critical(false)
.build())
// the properties below are optional
.applicationPolicies(ApplicationPoliciesProperty.builder()
.policies(List.of(ApplicationPolicyProperty.builder()
.policyObjectIdentifier("policyObjectIdentifier")
.policyType("policyType")
.build()))
// the properties below are optional
.critical(false)
.build())
.build())
.generalFlags(GeneralFlagsV4Property.builder()
.autoEnrollment(false)
.machineType(false)
.build())
.privateKeyAttributes(PrivateKeyAttributesV4Property.builder()
.keySpec("keySpec")
.minimalKeyLength(123)
// the properties below are optional
.algorithm("algorithm")
.cryptoProviders(List.of("cryptoProviders"))
.keyUsageProperty(KeyUsagePropertyProperty.builder()
.propertyFlags(KeyUsagePropertyFlagsProperty.builder()
.decrypt(false)
.keyAgreement(false)
.sign(false)
.build())
.propertyType("propertyType")
.build())
.build())
.privateKeyFlags(PrivateKeyFlagsV4Property.builder()
.clientVersion("clientVersion")
// the properties below are optional
.exportableKey(false)
.requireAlternateSignatureAlgorithm(false)
.requireSameKeyRenewal(false)
.strongKeyProtectionRequired(false)
.useLegacyProvider(false)
.build())
.subjectNameFlags(SubjectNameFlagsV4Property.builder()
.requireCommonName(false)
.requireDirectoryPath(false)
.requireDnsAsCn(false)
.requireEmail(false)
.sanRequireDirectoryGuid(false)
.sanRequireDns(false)
.sanRequireDomainDns(false)
.sanRequireEmail(false)
.sanRequireSpn(false)
.sanRequireUpn(false)
.build())
// the properties below are optional
.hashAlgorithm("hashAlgorithm")
.supersededTemplates(List.of("supersededTemplates"))
.build())
.build())
.name("name")
// the properties below are optional
.reenrollAllCertificateHolders(false)
.tags(Map.of(
"tagsKey", "tags"))
.build();
- See Also:
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic interfaceApplication policies describe what the certificate can be used for.static interfaceApplication policies describe what the certificate can be used for.static final classA fluent builder forCfnTemplate.static interfaceInformation describing the end of the validity period of the certificate.static interfaceTemplate configurations for v2 template schema.static interfaceTemplate configurations for v3 template schema.static interfaceTemplate configurations for v4 template schema.static interfaceCertificate extensions for v2 template schema.static interfaceCertificate extensions for v3 template schema.static interfaceCertificate extensions for v4 template schema.static interfaceGeneral flags for v2 template schema that defines if the template is for a machine or a user and if the template can be issued using autoenrollment.static interfaceGeneral flags for v3 template schema that defines if the template is for a machine or a user and if the template can be issued using autoenrollment.static interfaceGeneral flags for v4 template schema that defines if the template is for a machine or a user and if the template can be issued using autoenrollment.static interfaceThe key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.static interfaceThe key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.static interfaceSpecifies key usage.static interfaceThe key usage property defines the purpose of the private key contained in the certificate.static interfaceDefines the attributes of the private key.static interfaceDefines the attributes of the private key.static interfaceDefines the attributes of the private key.static interfacePrivate key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.static interfacePrivate key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.static interfacePrivate key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.static interfaceInformation to include in the subject name and alternate subject name of the certificate.static interfaceInformation to include in the subject name and alternate subject name of the certificate.static interfaceInformation to include in the subject name and alternate subject name of the certificate.static interfaceTemplate configuration to define the information included in certificates.static interfacev2 template schema that uses Legacy Cryptographic Providers.static interfacev3 template schema that uses Key Storage Providers.static interfacev4 template schema that can use either Legacy Cryptographic Providers or Key Storage Providers.static interfaceInformation describing the end of the validity period of the certificate.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationModeNested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$DefaultNested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$ProxyNested classes/interfaces inherited from interface software.amazon.awscdk.ITaggableV2
ITaggableV2.Jsii$Default, ITaggableV2.Jsii$ProxyNested classes/interfaces inherited from interface software.amazon.awscdk.services.pcaconnectorad.ITemplateRef
ITemplateRef.Jsii$Default, ITemplateRef.Jsii$Proxy -
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final StringThe CloudFormation resource type name for this resource class. -
Constructor Summary
ConstructorsModifierConstructorDescriptionprotectedCfnTemplate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protectedCfnTemplate(software.amazon.jsii.JsiiObjectRef objRef) CfnTemplate(software.constructs.Construct scope, String id, CfnTemplateProps props) -
Method Summary
Modifier and TypeMethodDescriptionThe Amazon Resource Name (ARN) that was returned when you called CreateTemplate .Tag Manager which manages the tags for this resource.The Amazon Resource Name (ARN) that was returned when you called CreateConnector .Template configuration to define the information included in certificates.getName()Name of the templates.This setting allows the major version of a template to be increased automatically.getTags()Metadata assigned to a template consisting of a key-value pair.A reference to a Template resource.voidinspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties(Map<String, Object> props) voidsetConnectorArn(String value) The Amazon Resource Name (ARN) that was returned when you called CreateConnector .voidsetDefinition(IResolvable value) Template configuration to define the information included in certificates.voidTemplate configuration to define the information included in certificates.voidName of the templates.voidThis setting allows the major version of a template to be increased automatically.voidThis setting allows the major version of a template to be increased automatically.voidMetadata assigned to a template consisting of a key-value pair.Methods inherited from class software.amazon.awscdk.CfnResource
addDeletionOverride, addDependency, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, obtainDependencies, obtainResourceDependencies, removeDependency, replaceDependency, shouldSynthesize, toString, validatePropertiesMethods inherited from class software.amazon.awscdk.CfnRefElement
getRefMethods inherited from class software.amazon.awscdk.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalIdMethods inherited from class software.constructs.Construct
getNode, isConstructMethods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSetMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface software.constructs.IConstruct
getNodeMethods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnTemplate
protected CfnTemplate(software.amazon.jsii.JsiiObjectRef objRef) -
CfnTemplate
protected CfnTemplate(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnTemplate
@Stability(Stable) public CfnTemplate(@NotNull software.constructs.Construct scope, @NotNull String id, @NotNull CfnTemplateProps props) - Parameters:
scope- Scope in which this resource is defined. This parameter is required.id- Construct identifier for this resource (unique in its scope). This parameter is required.props- Resource properties. This parameter is required.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspectin interfaceIInspectable- Parameters:
inspector- tree inspector to collect and process attributes. This parameter is required.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderPropertiesin classCfnResource- Parameters:
props- This parameter is required.
-
getAttrTemplateArn
The Amazon Resource Name (ARN) that was returned when you called CreateTemplate . -
getCdkTagManager
Tag Manager which manages the tags for this resource.- Specified by:
getCdkTagManagerin interfaceITaggableV2
-
getCfnProperties
- Overrides:
getCfnPropertiesin classCfnResource
-
getTemplateRef
A reference to a Template resource.- Specified by:
getTemplateRefin interfaceITemplateRef
-
getConnectorArn
The Amazon Resource Name (ARN) that was returned when you called CreateConnector . -
setConnectorArn
The Amazon Resource Name (ARN) that was returned when you called CreateConnector . -
getDefinition
Template configuration to define the information included in certificates.Returns union: either
IResolvableorCfnTemplate.TemplateDefinitionProperty -
setDefinition
Template configuration to define the information included in certificates. -
setDefinition
Template configuration to define the information included in certificates. -
getName
Name of the templates. -
setName
Name of the templates. -
getReenrollAllCertificateHolders
This setting allows the major version of a template to be increased automatically.Returns union: either
BooleanorIResolvable -
setReenrollAllCertificateHolders
This setting allows the major version of a template to be increased automatically. -
setReenrollAllCertificateHolders
This setting allows the major version of a template to be increased automatically. -
getTags
Metadata assigned to a template consisting of a key-value pair. -
setTags
Metadata assigned to a template consisting of a key-value pair.
-