class Aws::ACMPCA::Types::Permission
Permissions designate which private CA actions can be performed by an AWS service or entity. In order for ACM to automatically renew private certificates, you must give the ACM service principal all available permissions (`IssueCertificate`, `GetCertificate`, and `ListPermissions`). Permissions can be assigned with the
- CreatePermission][1
-
action, removed with the [DeletePermission]
action, and listed with the [ListPermissions] action.
[1]: docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreatePermission.html [2]: docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeletePermission.html [3]: docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListPermissions.html
@!attribute [rw] certificate_authority_arn
The Amazon Resource Number (ARN) of the private CA from which the permission was issued. @return [String]
@!attribute [rw] created_at
The time at which the permission was created. @return [Time]
@!attribute [rw] principal
The AWS service or entity that holds the permission. At this time, the only valid principal is `acm.amazonaws.com`. @return [String]
@!attribute [rw] source_account
The ID of the account that assigned the permission. @return [String]
@!attribute [rw] actions
The private CA actions that can be performed by the designated AWS service. @return [Array<String>]
@!attribute [rw] policy
The name of the policy that is associated with the permission. @return [String]
@see docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/Permission AWS API Documentation
Constants
- SENSITIVE