lib/aws-sdk-acm/client.rb in aws-sdk-acm-1.5.0 vs lib/aws-sdk-acm/client.rb in aws-sdk-acm-1.6.0
- old
+ new
@@ -175,11 +175,11 @@
# To view all of the tags that have been applied to the certificate, use
# the ListTagsForCertificate action.
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/tags.html
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/tags.html
#
# @option params [required, String] :certificate_arn
# String that contains the ARN of the ACM certificate to which the tag
# is to be applied. This must be of the form:
#
@@ -314,12 +314,12 @@
# resp.certificate.not_after #=> Time
# resp.certificate.key_algorithm #=> String, one of "RSA_2048", "RSA_1024", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
# resp.certificate.signature_algorithm #=> String
# resp.certificate.in_use_by #=> Array
# resp.certificate.in_use_by[0] #=> String
- # resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "CAA_ERROR", "OTHER"
- # resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED"
+ # resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "OTHER"
+ # resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
# resp.certificate.renewal_summary.renewal_status #=> String, one of "PENDING_AUTO_RENEWAL", "PENDING_VALIDATION", "SUCCESS", "FAILED"
# resp.certificate.renewal_summary.domain_validation_options #=> Array
# resp.certificate.renewal_summary.domain_validation_options[0].domain_name #=> String
# resp.certificate.renewal_summary.domain_validation_options[0].validation_emails #=> Array
# resp.certificate.renewal_summary.domain_validation_options[0].validation_emails[0] #=> String
@@ -332,10 +332,12 @@
# resp.certificate.key_usages #=> Array
# resp.certificate.key_usages[0].name #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
# resp.certificate.extended_key_usages #=> Array
# resp.certificate.extended_key_usages[0].name #=> String, one of "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM"
# resp.certificate.extended_key_usages[0].oid #=> String
+ # resp.certificate.certificate_authority_arn #=> String
+ # resp.certificate.renewal_eligibility #=> String, one of "ELIGIBLE", "INELIGIBLE"
# resp.certificate.options.certificate_transparency_logging_preference #=> String, one of "ENABLED", "DISABLED"
#
# @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/DescribeCertificate AWS API Documentation
#
# @overload describe_certificate(params = {})
@@ -343,10 +345,62 @@
def describe_certificate(params = {}, options = {})
req = build_request(:describe_certificate, params)
req.send_request(options)
end
+ # Exports a certificate for use anywhere. You can export the
+ # certificate, the certificate chain, and the encrypted private key
+ # associated with the public key embedded in the certificate. You must
+ # store the private key securely. The private key is a 2048 bit RSA key.
+ # You must provide a passphrase for the private key when exporting it.
+ # You can use the following OpenSSL command to decrypt it later. Provide
+ # the passphrase when prompted.
+ #
+ # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+ #
+ # @option params [required, String] :certificate_arn
+ # An Amazon Resource Name (ARN) of the issued certificate. This must be
+ # of the form:
+ #
+ # `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
+ #
+ # @option params [required, String, IO] :passphrase
+ # Passphrase to associate with the encrypted exported private key. If
+ # you want to later decrypt the private key, you must have the
+ # passphrase. You can use the following OpenSSL command to decrypt a
+ # private key:
+ #
+ # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+ #
+ # @return [Types::ExportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+ #
+ # * {Types::ExportCertificateResponse#certificate #certificate} => String
+ # * {Types::ExportCertificateResponse#certificate_chain #certificate_chain} => String
+ # * {Types::ExportCertificateResponse#private_key #private_key} => String
+ #
+ # @example Request syntax with placeholder values
+ #
+ # resp = client.export_certificate({
+ # certificate_arn: "Arn", # required
+ # passphrase: "data", # required
+ # })
+ #
+ # @example Response structure
+ #
+ # resp.certificate #=> String
+ # resp.certificate_chain #=> String
+ # resp.private_key #=> String
+ #
+ # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ExportCertificate AWS API Documentation
+ #
+ # @overload export_certificate(params = {})
+ # @param [Hash] params ({})
+ def export_certificate(params = {}, options = {})
+ req = build_request(:export_certificate, params)
+ req.send_request(options)
+ end
+
# Retrieves a certificate specified by an ARN and its certificate chain
# . The chain is an ordered list of certificates that contains the end
# entity certificate, intermediate certificates of subordinate CAs, and
# the root certificate in that order. The certificate and certificate
# chain are base64 encoded. If you want to decode the certificate to see
@@ -441,13 +495,13 @@
# This operation returns the [Amazon Resource Name (ARN)][4] of the
# imported certificate.
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-services.html
- # [2]: http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
- # [3]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-services.html
+ # [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/import-certificate.html
+ # [3]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
# [4]: http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
#
# @option params [String] :certificate_arn
# The [Amazon Resource Name (ARN)][1] of an imported certificate to
# replace. To import a new certificate, omit this field.
@@ -661,12 +715,12 @@
# After receiving approval from the domain owner, the ACM certificate is
# issued.
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
- # [2]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-dns.html
+ # [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-email.html
#
# @option params [required, String] :domain_name
# Fully qualified domain name (FQDN), such as www.example.com, of the
# site that you want to secure with an ACM Certificate. Use an asterisk
# (*) to create a wildcard certificate that protects several sites in
@@ -682,12 +736,12 @@
# You can [validate with DNS][1] or [validate with email][2]. We
# recommend that you use DNS validation.
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
- # [2]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-dns.html
+ # [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-email.html
#
# @option params [Array<String>] :subject_alternative_names
# Additional FQDNs to be included in the Subject Alternative Name
# extension of the ACM certificate. For example, add the name
# www.example.net to a certificate for which the `DomainName` field is
@@ -713,11 +767,11 @@
# because the total length of the DNS name (63+1+63+1+63+1+62) exceeds
# 253 octets.
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-limits.html
#
# @option params [String] :idempotency_token
# Customer chosen string that can be used to distinguish between calls
# to `RequestCertificate`. Idempotency tokens time out after one hour.
# Therefore, if you call `RequestCertificate` multiple times with the
@@ -738,12 +792,25 @@
# been logged typically produce an error message in a browser. For more
# information, see [Opting Out of Certificate Transparency Logging][1].
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-bestpractices.html#best-practices-transparency
#
+ # @option params [String] :certificate_authority_arn
+ # The Amazon Resource Name (ARN) of the private certificate authority
+ # (CA) that will be used to issue the certificate. For more information
+ # about private CAs, see the [AWS Certificate Manager Private
+ # Certificate Authority (PCA)][1] user guide. The ARN must have the
+ # following form:
+ #
+ # `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
+ #
+ #
+ #
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm-pca/latest/userguide/PcaWelcome.html
+ #
# @return [Types::RequestCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
#
# * {Types::RequestCertificateResponse#certificate_arn #certificate_arn} => String
#
# @example Request syntax with placeholder values
@@ -760,10 +827,11 @@
# },
# ],
# options: {
# certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
# },
+ # certificate_authority_arn: "Arn",
# })
#
# @example Response structure
#
# resp.certificate_arn #=> String
@@ -790,11 +858,11 @@
# For more information about setting up your contact email addresses,
# see [Configure Email for your Domain][1].
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/setup-email.html
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/setup-email.html
#
# @option params [required, String] :certificate_arn
# String that contains the ARN of the requested certificate. The
# certificate ARN is generated and returned by the RequestCertificate
# action as soon as the request is made. By default, using this
@@ -851,11 +919,11 @@
# certificate transparency log. For more information, see [ Opting Out
# of Certificate Transparency Logging][1].
#
#
#
- # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency
+ # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-bestpractices.html#best-practices-transparency
#
# @option params [required, String] :certificate_arn
# ARN of the requested certificate to update. This must be of the form:
#
# `arn:aws:acm:us-east-1:account:certificate/12345678-1234-1234-1234-123456789012
@@ -900,10 +968,10 @@
operation: config.api.operation(operation_name),
client: self,
params: params,
config: config)
context[:gem_name] = 'aws-sdk-acm'
- context[:gem_version] = '1.5.0'
+ context[:gem_version] = '1.6.0'
Seahorse::Client::Request.new(handlers, context)
end
# @api private
# @deprecated