Example 5: Provision a certificate for an EC2 instance
This example shows you how POST Certificates/Request can provision a certificate for the cloud. Later, after the EC2 instance is destroyed, the Cloud Instance Monitoring feature can delete the associated Device and Application objects. Cloud Instance Monitoring revokes and/or disables the certificate, and then moves it to a designated Policy tree folder. For more information, see Certificates/Request Applications parameters for provisioning and About Cloud Instance Monitoring.
Example 5: Provision for elastic instance
Request for Example 5
POST https://tpp.venafi.example/vedsdk/Certificates/Request
Authorization:Bearer 4MyGeneratedBearerTknz==
{
"PolicyDN":"\\VED\\Policy\\Amazon",
"CADN":"\\VED\\Policy\\Symantec",
"ObjectName":"devops.test.com",
"Subject":"devops.test.com",
"OrganizationalUnit":"DevOps",
"Organization":"Test Company",
"ManagementType":"Enrollment",
"KeyBitSize":2048,
"Devices":[
{
"PolicyDN":"\\VED\\Policy\\Amazon",
"ObjectName":"i-0f2ba66bc5f66d44c",
"Host":"ec2-192-168-100-241.compute-1.amazonaws.com",
"CloudService":"AWS",
"CloudRegion":"us-west-2",
"CloudInstanceID":"i-0f2ba66bc5f55d44c",
"Applications":[
{
"ObjectName":"App-444",
"ValidationPort":444
}
]
},
{
"PolicyDN":"\\VED\\Policy\\Amazon",
"ObjectName":"i-985b9641",
"Host":"ec2-192-168-100-242.compute-1.amazonaws.com",
"CloudService":"AWS",
"CloudRegion":"us-west-2",
"CloudInstanceID":"i-989b9641",
"Applications":[
{
"ObjectName":"App-444",
"ValidationPort":444
}
]
}
]
}
Response for Example 5
HTTP/1.1 200 OK
{
"CertificateDN":"\\VED\\Policy\\Amazon\\devops.test.com",
"Devices":[
{
"Applications":[
{
"DN":"\\VED\\Policy\\Amazon\\i-0f2ba66bc5f66d44c\\App-444"
}
],
"DN":"\\VED\\Policy\\Amazon\\i-0f2ba66bc5f66d44c"
},
{
"Applications":[
{
"DN":"\\VED\\Policy\\Amazon\\i-985b9641\\App-444"
}
],
"DN":"\\VED\\Policy\\Amazon\\i-985b9641"
}
],
"Guid":"{4db2668f-ba58-42c7-8682-5e16bc5fb0ca}"
}