package awsiot


// Properties for defining a `CfnCertificate`.
//
// Example:
//   // The code below shows an example of how to instantiate this type.
//   // The values are placeholders you should change.
//   import "github.com/aws/aws-cdk-go/awscdk"
//
//   cfnCertificateProps := &CfnCertificateProps{
//   	Status: jsii.String("status"),
//
//   	// the properties below are optional
//   	CaCertificatePem: jsii.String("caCertificatePem"),
//   	CertificateMode: jsii.String("certificateMode"),
//   	CertificatePem: jsii.String("certificatePem"),
//   	CertificateSigningRequest: jsii.String("certificateSigningRequest"),
//   }
//
// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html
//
type CfnCertificateProps struct {
	// The status of the certificate.
	//
	// Valid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.
	//
	// The status value REGISTER_INACTIVE is deprecated and should not be used.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html#cfn-iot-certificate-status
	//
	Status *string `field:"required" json:"status" yaml:"status"`
	// The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html#cfn-iot-certificate-cacertificatepem
	//
	CaCertificatePem *string `field:"optional" json:"caCertificatePem" yaml:"caCertificatePem"`
	// Specifies which mode of certificate registration to use with this resource.
	//
	// Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.
	//
	// `DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .
	//
	// `SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html#cfn-iot-certificate-certificatemode
	//
	CertificateMode *string `field:"optional" json:"certificateMode" yaml:"certificateMode"`
	// The certificate data in PEM format.
	//
	// Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html#cfn-iot-certificate-certificatepem
	//
	CertificatePem *string `field:"optional" json:"certificatePem" yaml:"certificatePem"`
	// The certificate signing request (CSR).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-certificate.html#cfn-iot-certificate-certificatesigningrequest
	//
	CertificateSigningRequest *string `field:"optional" json:"certificateSigningRequest" yaml:"certificateSigningRequest"`
}