Address greptile comments

backend/src/services/pki-sync/aws-certificate-manager/aws-certificate-manager-pki-sync-schemas.ts

@@ -12,7 +12,7 @@ export const AwsCertificateManagerPkiSyncConfigSchema = z.object({
 });
 
 const AwsCertificateManagerPkiSyncOptionsSchema = z.object({
-  canImportCertificates: z.boolean().default(true),
+  canImportCertificates: z.boolean().default(false),
   canRemoveCertificates: z.boolean().default(true),
   certificateNameSchema: z
     .string()

docs/api-reference/endpoints/pki/syncs/aws-certificate-manager/remove-certificates.mdx

@@ -1,4 +1,4 @@
 ---
 title: "Remove Certificates from AWS Certificate Manager"
 openapi: "POST /api/v1/pki/syncs/aws-certificate-manager/{pkiSyncId}/remove-certificates"
----
+---

docs/documentation/platform/pki/certificate-syncs/aws-certificate-manager.mdx

@@ -5,9 +5,9 @@ description: "Learn how to configure an AWS Certificate Manager Certificate Sync
 
 **Prerequisites:**
 
-        - Set up and configure a [Certificate Authority](/documentation/platform/pki/overview)
-        - Create an [AWS Connection](/integrations/app-connections/aws)
-        - Ensure your network security policies allow incoming requests from Infisical to this certificate sync provider, if network restrictions apply.
+- Set up and configure a [Certificate Authority](/documentation/platform/pki/overview)
+- Create an [AWS Connection](/integrations/app-connections/aws)
+- Ensure your network security policies allow incoming requests from Infisical to this certificate sync provider, if network restrictions apply.
 
 <Note>
   The AWS Certificate Manager Certificate Sync requires the following ACM permissions to be set on the IAM user/role
@@ -38,7 +38,6 @@ description: "Learn how to configure an AWS Certificate Manager Certificate Sync
 
             - **AWS Connection**: The AWS Connection to authenticate with.
             - **AWS Region**: The AWS region where certificates should be stored.
-            <p class="height:1px"  />
 
         5. Configure the **Sync Options** to specify how certificates should be synced, then click **Next**.
         ![Configure Options](/images/certificate-syncs/aws-certificate-manager/acm-options.png)

frontend/src/components/pki-syncs/forms/schemas/azure-key-vault-pki-sync-destination-schema.ts

@@ -8,7 +8,7 @@ export const AzureKeyVaultPkiSyncDestinationSchema = BasePkiSyncSchema().merge(
   z.object({
     destination: z.literal(PkiSync.AzureKeyVault),
     destinationConfig: z.object({
-      vaultBaseUrl: z.string().url("Valid URL is required")
+      vaultBaseUrl: z.string().min(1, "Vault base URL is required").url("Valid URL is required")
     })
   })
 );
@@ -24,7 +24,10 @@ export const UpdateAzureKeyVaultPkiSyncDestinationSchema =
       destination: z.literal(PkiSync.AzureKeyVault),
       connection: z.object({
         id: z.string().uuid("Invalid connection ID format"),
-        name: z.string().max(255, "Connection name must be less than 255 characters")
+        name: z
+          .string()
+          .min(1, "Connection name is required")
+          .max(255, "Connection name must be less than 255 characters")
       })
     })
   );

frontend/src/hooks/api/pkiSyncs/types/index.ts

@@ -22,7 +22,7 @@ export type TListPkiSyncs = { pkiSyncs: TPkiSync[] };
 
 export type TListPkiSyncOptions = { pkiSyncOptions: TPkiSyncOption[] };
 
-export type TCreatePkiSyncDTO = {
+type TCreatePkiSyncDTOBase = {
   name: string;
   description?: string;
   connectionId: string;
@@ -32,11 +32,17 @@ export type TCreatePkiSyncDTO = {
     certificateNamePrefix?: string;
     certificateNameSchema?: string;
   };
-  destination: PkiSync;
   isAutoSyncEnabled: boolean;
   subscriberId?: string;
   projectId: string;
-  destinationConfig: Record<string, any>;
+};
+
+export type TCreatePkiSyncDTO = TCreatePkiSyncDTOBase & {
+  destination: PkiSync;
+  destinationConfig: {
+    vaultBaseUrl?: string;
+    region?: string;
+  };
 };
 
 export type TUpdatePkiSyncDTO = Partial<Omit<TCreatePkiSyncDTO, "projectId">> & {