lib/aws-sdk-acm/client.rb in aws-sdk-acm-1.26.0 vs lib/aws-sdk-acm/client.rb in aws-sdk-acm-1.27.0
- old
+ new
@@ -423,11 +423,11 @@
# resp.certificate.not_after #=> Time
# resp.certificate.key_algorithm #=> String, one of "RSA_2048", "RSA_1024", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
# resp.certificate.signature_algorithm #=> String
# resp.certificate.in_use_by #=> Array
# resp.certificate.in_use_by[0] #=> String
- # resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
+ # resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_NAME_CONSTRAINTS_VALIDATION", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
# resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
# resp.certificate.renewal_summary.renewal_status #=> String, one of "PENDING_AUTO_RENEWAL", "PENDING_VALIDATION", "SUCCESS", "FAILED"
# resp.certificate.renewal_summary.domain_validation_options #=> Array
# resp.certificate.renewal_summary.domain_validation_options[0].domain_name #=> String
# resp.certificate.renewal_summary.domain_validation_options[0].validation_emails #=> Array
@@ -436,11 +436,11 @@
# resp.certificate.renewal_summary.domain_validation_options[0].validation_status #=> String, one of "PENDING_VALIDATION", "SUCCESS", "FAILED"
# resp.certificate.renewal_summary.domain_validation_options[0].resource_record.name #=> String
# resp.certificate.renewal_summary.domain_validation_options[0].resource_record.type #=> String, one of "CNAME"
# resp.certificate.renewal_summary.domain_validation_options[0].resource_record.value #=> String
# resp.certificate.renewal_summary.domain_validation_options[0].validation_method #=> String, one of "EMAIL", "DNS"
- # resp.certificate.renewal_summary.renewal_status_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
+ # resp.certificate.renewal_summary.renewal_status_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_NAME_CONSTRAINTS_VALIDATION", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
# resp.certificate.renewal_summary.updated_at #=> Time
# resp.certificate.key_usages #=> Array
# resp.certificate.key_usages[0].name #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
# resp.certificate.extended_key_usages #=> Array
# resp.certificate.extended_key_usages[0].name #=> String, one of "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM"
@@ -457,20 +457,23 @@
req = build_request(:describe_certificate, params)
req.send_request(options)
end
# Exports a private certificate issued by a private certificate
- # authority (CA) for use anywhere. You can export the certificate, the
- # certificate chain, and the encrypted private key associated with the
- # public key embedded in the certificate. You must store the private key
- # securely. The private key is a 2048 bit RSA key. You must provide a
- # passphrase for the private key when exporting it. You can use the
- # following OpenSSL command to decrypt it later. Provide the passphrase
- # when prompted.
+ # authority (CA) for use anywhere. The exported file contains the
+ # certificate, the certificate chain, and the encrypted private 2048-bit
+ # RSA key associated with the public key that is embedded in the
+ # certificate. For security, you must assign a passphrase for the
+ # private key when exporting it.
#
- # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+ # For information about exporting and formatting a certificate using the
+ # ACM console or CLI, see [Export a Private Certificate][1].
#
+ #
+ #
+ # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-export-private.html
+ #
# @option params [required, String] :certificate_arn
# An Amazon Resource Name (ARN) of the issued certificate. This must be
# of the form:
#
# `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
@@ -593,11 +596,11 @@
#
# * The OCSP authority URL, if present, must not exceed 1000 characters.
#
# * To import a new certificate, omit the `CertificateArn` argument.
# Include this argument only when you want to replace a previously
- # imported certificate.
+ # imported certifica
#
# * When you import a certificate by using the CLI, you must specify the
# certificate, the certificate chain, and the private key by their
# file names preceded by `file://`. For example, you can specify a
# certificate saved in the `C:\temp` folder as
@@ -606,10 +609,14 @@
#
# * When you import a certificate by using an SDK, you must specify the
# certificate, the certificate chain, and the private key files in the
# manner required by the programming language you're using.
#
+ # * The cryptographic algorithm of an imported certificate must match
+ # the algorithm of the signing CA. For example, if the signing CA key
+ # type is RSA, then the certificate key type must also be RSA.
+ #
# This operation returns the [Amazon Resource Name (ARN)][4] of the
# imported certificate.
#
#
#
@@ -633,10 +640,15 @@
# The private key that matches the public key in the certificate.
#
# @option params [String, IO] :certificate_chain
# The PEM encoded certificate chain.
#
+ # @option params [Array<Types::Tag>] :tags
+ # One or more resource tags to associate with the imported certificate.
+ #
+ # Note: You cannot apply tags when reimporting a certificate.
+ #
# @return [Types::ImportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::ImportCertificateResponse#certificate_arn #certificate_arn} => String
#
# @example Request syntax with placeholder values
@@ -644,10 +656,16 @@
# resp = client.import_certificate({
# certificate_arn: "Arn",
# certificate: "data", # required
# private_key: "data", # required
# certificate_chain: "data",
+ # tags: [
+ # {
+ # key: "TagKey", # required
+ # value: "TagValue",
+ # },
+ # ],
# })
#
# @example Response structure
#
# resp.certificate_arn #=> String
@@ -661,11 +679,13 @@
req.send_request(options)
end
# Retrieves a list of certificate ARNs and domain names. You can request
# that only certificates that match a specific status be listed. You can
- # also filter by specific attributes of the certificate.
+ # also filter by specific attributes of the certificate. Default
+ # filtering returns only `RSA_2048` certificates. For more information,
+ # see Filters.
#
# @option params [Array<String>] :certificate_statuses
# Filter the certificate list by status value.
#
# @option params [Types::Filters] :includes
@@ -874,11 +894,11 @@
# want to secure with an ACM certificate. Use an asterisk (*) to create
# a wildcard certificate that protects several sites in the same domain.
# For example, *.example.com protects www.example.com,
# site.example.com, and images.example.com.
#
- # The first domain name you enter cannot exceed 63 octets, including
+ # The first domain name you enter cannot exceed 64 octets, including
# periods. Each subsequent Subject Alternative Name (SAN), however, can
# be up to 253 octets in length.
#
# @option params [String] :validation_method
# The method you want to use if you are requesting a public certificate
@@ -958,10 +978,13 @@
#
#
#
# [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html
#
+ # @option params [Array<Types::Tag>] :tags
+ # One or more resource tags to associate with the certificate.
+ #
# @return [Types::RequestCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::RequestCertificateResponse#certificate_arn #certificate_arn} => String
#
# @example Request syntax with placeholder values
@@ -979,10 +1002,16 @@
# ],
# options: {
# certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
# },
# certificate_authority_arn: "Arn",
+ # tags: [
+ # {
+ # key: "TagKey", # required
+ # value: "TagValue",
+ # },
+ # ],
# })
#
# @example Response structure
#
# resp.certificate_arn #=> String
@@ -1119,10 +1148,10 @@
operation: config.api.operation(operation_name),
client: self,
params: params,
config: config)
context[:gem_name] = 'aws-sdk-acm'
- context[:gem_version] = '1.26.0'
+ context[:gem_version] = '1.27.0'
Seahorse::Client::Request.new(handlers, context)
end
# Polls an API operation until a resource enters a desired state.
#