| Copyright | (c) 2013-2021 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay <brendan.g.hay+amazonka@gmail.com> |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | None |
Amazonka.CertificateManagerPCA.CreateCertificateAuthorityAuditReport
Description
Creates an audit report that lists every time that your CA private key is used. The report is saved in the Amazon S3 bucket that you specify on input. The IssueCertificate and RevokeCertificate actions use the private key.
Both PCA and the IAM principal must have permission to write to the S3 bucket that you specify. If the IAM principal making the call does not have permission to write to the bucket, then an exception is thrown. For more information, see Configure Access to ACM Private CA.
ACM Private CA assets that are stored in Amazon S3 can be protected with encryption. For more information, see Encrypting Your Audit Reports.
Synopsis
- data CreateCertificateAuthorityAuditReport = CreateCertificateAuthorityAuditReport' {}
- newCreateCertificateAuthorityAuditReport :: Text -> Text -> AuditReportResponseFormat -> CreateCertificateAuthorityAuditReport
- createCertificateAuthorityAuditReport_certificateAuthorityArn :: Lens' CreateCertificateAuthorityAuditReport Text
- createCertificateAuthorityAuditReport_s3BucketName :: Lens' CreateCertificateAuthorityAuditReport Text
- createCertificateAuthorityAuditReport_auditReportResponseFormat :: Lens' CreateCertificateAuthorityAuditReport AuditReportResponseFormat
- data CreateCertificateAuthorityAuditReportResponse = CreateCertificateAuthorityAuditReportResponse' {
- s3Key :: Maybe Text
- auditReportId :: Maybe Text
- httpStatus :: Int
- newCreateCertificateAuthorityAuditReportResponse :: Int -> CreateCertificateAuthorityAuditReportResponse
- createCertificateAuthorityAuditReportResponse_s3Key :: Lens' CreateCertificateAuthorityAuditReportResponse (Maybe Text)
- createCertificateAuthorityAuditReportResponse_auditReportId :: Lens' CreateCertificateAuthorityAuditReportResponse (Maybe Text)
- createCertificateAuthorityAuditReportResponse_httpStatus :: Lens' CreateCertificateAuthorityAuditReportResponse Int
Creating a Request
data CreateCertificateAuthorityAuditReport Source #
See: newCreateCertificateAuthorityAuditReport smart constructor.
Constructors
| CreateCertificateAuthorityAuditReport' | |
Fields
| |
Instances
newCreateCertificateAuthorityAuditReport Source #
Arguments
Create a value of CreateCertificateAuthorityAuditReport with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:certificateAuthorityArn:CreateCertificateAuthorityAuditReport', createCertificateAuthorityAuditReport_certificateAuthorityArn - The Amazon Resource Name (ARN) of the CA to be audited. This is of the
form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .
$sel:s3BucketName:CreateCertificateAuthorityAuditReport', createCertificateAuthorityAuditReport_s3BucketName - The name of the S3 bucket that will contain the audit report.
$sel:auditReportResponseFormat:CreateCertificateAuthorityAuditReport', createCertificateAuthorityAuditReport_auditReportResponseFormat - The format in which to create the report. This can be either JSON or
CSV.
Request Lenses
createCertificateAuthorityAuditReport_certificateAuthorityArn :: Lens' CreateCertificateAuthorityAuditReport Text Source #
The Amazon Resource Name (ARN) of the CA to be audited. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .
createCertificateAuthorityAuditReport_s3BucketName :: Lens' CreateCertificateAuthorityAuditReport Text Source #
The name of the S3 bucket that will contain the audit report.
createCertificateAuthorityAuditReport_auditReportResponseFormat :: Lens' CreateCertificateAuthorityAuditReport AuditReportResponseFormat Source #
The format in which to create the report. This can be either JSON or CSV.
Destructuring the Response
data CreateCertificateAuthorityAuditReportResponse Source #
See: newCreateCertificateAuthorityAuditReportResponse smart constructor.
Constructors
| CreateCertificateAuthorityAuditReportResponse' | |
Fields
| |
Instances
newCreateCertificateAuthorityAuditReportResponse Source #
Arguments
| :: Int |
|
| -> CreateCertificateAuthorityAuditReportResponse |
Create a value of CreateCertificateAuthorityAuditReportResponse with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:s3Key:CreateCertificateAuthorityAuditReportResponse', createCertificateAuthorityAuditReportResponse_s3Key - The key that uniquely identifies the report file in your S3 bucket.
$sel:auditReportId:CreateCertificateAuthorityAuditReportResponse', createCertificateAuthorityAuditReportResponse_auditReportId - An alphanumeric string that contains a report identifier.
$sel:httpStatus:CreateCertificateAuthorityAuditReportResponse', createCertificateAuthorityAuditReportResponse_httpStatus - The response's http status code.
Response Lenses
createCertificateAuthorityAuditReportResponse_s3Key :: Lens' CreateCertificateAuthorityAuditReportResponse (Maybe Text) Source #
The key that uniquely identifies the report file in your S3 bucket.
createCertificateAuthorityAuditReportResponse_auditReportId :: Lens' CreateCertificateAuthorityAuditReportResponse (Maybe Text) Source #
An alphanumeric string that contains a report identifier.
createCertificateAuthorityAuditReportResponse_httpStatus :: Lens' CreateCertificateAuthorityAuditReportResponse Int Source #
The response's http status code.