X509AttributeFilter
Filters certificates by X.509 attributes.
Contents
Note
In the following list, the required parameters are described first.
Important
This data type is a UNION, so only one of the following members can be specified when used or returned.
- ExtendedKeyUsage
-
Filter by extended key usage.
Type: String
Valid Values:
TLS_WEB_SERVER_AUTHENTICATION | TLS_WEB_CLIENT_AUTHENTICATION | CODE_SIGNING | EMAIL_PROTECTION | TIME_STAMPING | OCSP_SIGNING | IPSEC_END_SYSTEM | IPSEC_TUNNEL | IPSEC_USER | ANY | NONE | CUSTOMRequired: No
- KeyAlgorithm
-
Filter by key algorithm.
Type: String
Valid Values:
RSA_1024 | RSA_2048 | RSA_3072 | RSA_4096 | EC_prime256v1 | EC_secp384r1 | EC_secp521r1Required: No
- KeyUsage
-
Filter by key usage.
Type: String
Valid Values:
DIGITAL_SIGNATURE | NON_REPUDIATION | KEY_ENCIPHERMENT | DATA_ENCIPHERMENT | KEY_AGREEMENT | CERTIFICATE_SIGNING | CRL_SIGNING | ENCIPHER_ONLY | DECIPHER_ONLY | ANY | CUSTOMRequired: No
- NotAfter
-
Filter by certificate expiration date. The start date is inclusive.
Type: TimestampRange object
Required: No
- NotBefore
-
Filter by certificate validity start date. The start date is inclusive.
Type: TimestampRange object
Required: No
- SerialNumber
-
Filter by serial number.
Type: String
Length Constraints: Minimum length of 2. Maximum length of 59.
Pattern:
[0-9a-f]{2}(:[0-9a-f]{2}){1,19}Required: No
- Subject
-
Filter by certificate subject.
Type: SubjectFilter object
Note: This object is a Union. Only one member of this object can be specified or returned.
Required: No
- SubjectAlternativeName
-
Filter by subject alternative names.
Type: SubjectAlternativeNameFilter object
Note: This object is a Union. Only one member of this object can be specified or returned.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: