aws-sdk-acm 1.26.0 → 1.27.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: '04958ee7db940442114af4625ecd6ba4dc433a09'
-  data.tar.gz: 6da9727f11259940ed33865f8657655912494c1e
+  metadata.gz: 2a7fec9e84eceab87f73c517c6cab6fb2b9bc6a3
+  data.tar.gz: 6daa0cdb808e81705c83bcdfaf822eb85f90568d
 SHA512:
-  metadata.gz: 10e59858625e434aeaf56d98c8326448cb537824364e1ed94328df9052343621edf36d2eaa4e4266be3007d28a5917643b9bb42d8f8b0d8d06e1358380f0fca3
-  data.tar.gz: fb3b17f0b142c5a5b88f4bbf0f1d5db82ad846dc99c15c9effac823c62c3fc16f13ad5340015e2a581e2f689f9e54f74699e578bf6785df4a3812dbd54c8e586
+  metadata.gz: 4ed9e30e58c57da32b39d74d6aa4b124a8a30cc7dda1721947b8c52d0454a520b63d8e791770b05dc85ed37e60dd1f253262e0bf56d07735ca1649f47cc0eb5b
+  data.tar.gz: a71a61c3992fa4737cdd3412c0f4020434d502f714a4a414b16cf11527dbb937646f4808cc2fea3e6391834d56bd0983aa3d30d1731a62b251bc1584babc6af0

data/lib/aws-sdk-acm.rb

@@ -43,6 +43,6 @@ require_relative 'aws-sdk-acm/customizations'
 # @service
 module Aws::ACM
 
-  GEM_VERSION = '1.26.0'
+  GEM_VERSION = '1.27.0'
 
 end

data/lib/aws-sdk-acm/client.rb

@@ -425,7 +425,7 @@ module Aws::ACM
     #   resp.certificate.signature_algorithm #=> String
     #   resp.certificate.in_use_by #=> Array
     #   resp.certificate.in_use_by[0] #=> String
-    #   resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
+    #   resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_NAME_CONSTRAINTS_VALIDATION", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
     #   resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
     #   resp.certificate.renewal_summary.renewal_status #=> String, one of "PENDING_AUTO_RENEWAL", "PENDING_VALIDATION", "SUCCESS", "FAILED"
     #   resp.certificate.renewal_summary.domain_validation_options #=> Array
@@ -438,7 +438,7 @@ module Aws::ACM
     #   resp.certificate.renewal_summary.domain_validation_options[0].resource_record.type #=> String, one of "CNAME"
     #   resp.certificate.renewal_summary.domain_validation_options[0].resource_record.value #=> String
     #   resp.certificate.renewal_summary.domain_validation_options[0].validation_method #=> String, one of "EMAIL", "DNS"
-    #   resp.certificate.renewal_summary.renewal_status_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
+    #   resp.certificate.renewal_summary.renewal_status_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_NAME_CONSTRAINTS_VALIDATION", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
     #   resp.certificate.renewal_summary.updated_at #=> Time
     #   resp.certificate.key_usages #=> Array
     #   resp.certificate.key_usages[0].name #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
@@ -459,15 +459,18 @@ module Aws::ACM
     end
 
     # Exports a private certificate issued by a private certificate
-    # authority (CA) for use anywhere. You can export the certificate, the
-    # certificate chain, and the encrypted private key associated with the
-    # public key embedded in the certificate. You must store the private key
-    # securely. The private key is a 2048 bit RSA key. You must provide a
-    # passphrase for the private key when exporting it. You can use the
-    # following OpenSSL command to decrypt it later. Provide the passphrase
-    # when prompted.
+    # authority (CA) for use anywhere. The exported file contains the
+    # certificate, the certificate chain, and the encrypted private 2048-bit
+    # RSA key associated with the public key that is embedded in the
+    # certificate. For security, you must assign a passphrase for the
+    # private key when exporting it.
     #
-    # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+    # For information about exporting and formatting a certificate using the
+    # ACM console or CLI, see [Export a Private Certificate][1].
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-export-private.html
     #
     # @option params [required, String] :certificate_arn
     #   An Amazon Resource Name (ARN) of the issued certificate. This must be
@@ -595,7 +598,7 @@ module Aws::ACM
     #
     # * To import a new certificate, omit the `CertificateArn` argument.
     #   Include this argument only when you want to replace a previously
-    #   imported certificate.
+    #   imported certifica
     #
     # * When you import a certificate by using the CLI, you must specify the
     #   certificate, the certificate chain, and the private key by their
@@ -608,6 +611,10 @@ module Aws::ACM
     #   certificate, the certificate chain, and the private key files in the
     #   manner required by the programming language you're using.
     #
+    # * The cryptographic algorithm of an imported certificate must match
+    #   the algorithm of the signing CA. For example, if the signing CA key
+    #   type is RSA, then the certificate key type must also be RSA.
+    #
     # This operation returns the [Amazon Resource Name (ARN)][4] of the
     # imported certificate.
     #
@@ -635,6 +642,11 @@ module Aws::ACM
     # @option params [String, IO] :certificate_chain
     #   The PEM encoded certificate chain.
     #
+    # @option params [Array<Types::Tag>] :tags
+    #   One or more resource tags to associate with the imported certificate.
+    #
+    #   Note: You cannot apply tags when reimporting a certificate.
+    #
     # @return [Types::ImportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ImportCertificateResponse#certificate_arn #certificate_arn} => String
@@ -646,6 +658,12 @@ module Aws::ACM
     #     certificate: "data", # required
     #     private_key: "data", # required
     #     certificate_chain: "data",
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue",
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -663,7 +681,9 @@ module Aws::ACM
 
     # Retrieves a list of certificate ARNs and domain names. You can request
     # that only certificates that match a specific status be listed. You can
-    # also filter by specific attributes of the certificate.
+    # also filter by specific attributes of the certificate. Default
+    # filtering returns only `RSA_2048` certificates. For more information,
+    # see Filters.
     #
     # @option params [Array<String>] :certificate_statuses
     #   Filter the certificate list by status value.
@@ -876,7 +896,7 @@ module Aws::ACM
     #   For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 63 octets, including
+    #   The first domain name you enter cannot exceed 64 octets, including
     #   periods. Each subsequent Subject Alternative Name (SAN), however, can
     #   be up to 253 octets in length.
     #
@@ -960,6 +980,9 @@ module Aws::ACM
     #
     #   [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html
     #
+    # @option params [Array<Types::Tag>] :tags
+    #   One or more resource tags to associate with the certificate.
+    #
     # @return [Types::RequestCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RequestCertificateResponse#certificate_arn #certificate_arn} => String
@@ -981,6 +1004,12 @@ module Aws::ACM
     #       certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
     #     },
     #     certificate_authority_arn: "Arn",
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue",
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -1121,7 +1150,7 @@ module Aws::ACM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acm'
-      context[:gem_version] = '1.26.0'
+      context[:gem_version] = '1.27.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-acm/client_api.rb

@@ -52,6 +52,7 @@ module Aws::ACM
     InvalidArgsException = Shapes::StructureShape.new(name: 'InvalidArgsException')
     InvalidArnException = Shapes::StructureShape.new(name: 'InvalidArnException')
     InvalidDomainValidationOptionsException = Shapes::StructureShape.new(name: 'InvalidDomainValidationOptionsException')
+    InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
     InvalidStateException = Shapes::StructureShape.new(name: 'InvalidStateException')
     InvalidTagException = Shapes::StructureShape.new(name: 'InvalidTagException')
     KeyAlgorithm = Shapes::StringShape.new(name: 'KeyAlgorithm')
@@ -89,6 +90,7 @@ module Aws::ACM
     Tag = Shapes::StructureShape.new(name: 'Tag')
     TagKey = Shapes::StringShape.new(name: 'TagKey')
     TagList = Shapes::ListShape.new(name: 'TagList')
+    TagPolicyException = Shapes::StructureShape.new(name: 'TagPolicyException')
     TagValue = Shapes::StringShape.new(name: 'TagValue')
     TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException')
     UpdateCertificateOptionsRequest = Shapes::StructureShape.new(name: 'UpdateCertificateOptionsRequest')
@@ -198,6 +200,7 @@ module Aws::ACM
     ImportCertificateRequest.add_member(:certificate, Shapes::ShapeRef.new(shape: CertificateBodyBlob, required: true, location_name: "Certificate"))
     ImportCertificateRequest.add_member(:private_key, Shapes::ShapeRef.new(shape: PrivateKeyBlob, required: true, location_name: "PrivateKey"))
     ImportCertificateRequest.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: CertificateChainBlob, location_name: "CertificateChain"))
+    ImportCertificateRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     ImportCertificateRequest.struct_class = Types::ImportCertificateRequest
 
     ImportCertificateResponse.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
@@ -214,6 +217,9 @@ module Aws::ACM
     InvalidDomainValidationOptionsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     InvalidDomainValidationOptionsException.struct_class = Types::InvalidDomainValidationOptionsException
 
+    InvalidParameterException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
+    InvalidParameterException.struct_class = Types::InvalidParameterException
+
     InvalidStateException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     InvalidStateException.struct_class = Types::InvalidStateException
 
@@ -268,6 +274,7 @@ module Aws::ACM
     RequestCertificateRequest.add_member(:domain_validation_options, Shapes::ShapeRef.new(shape: DomainValidationOptionList, location_name: "DomainValidationOptions"))
     RequestCertificateRequest.add_member(:options, Shapes::ShapeRef.new(shape: CertificateOptions, location_name: "Options"))
     RequestCertificateRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
+    RequestCertificateRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     RequestCertificateRequest.struct_class = Types::RequestCertificateRequest
 
     RequestCertificateResponse.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
@@ -298,6 +305,9 @@ module Aws::ACM
 
     TagList.member = Shapes::ShapeRef.new(shape: Tag)
 
+    TagPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
+    TagPolicyException.struct_class = Types::TagPolicyException
+
     TooManyTagsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     TooManyTagsException.struct_class = Types::TooManyTagsException
 
@@ -336,6 +346,8 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
         o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:delete_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -389,6 +401,10 @@ module Aws::ACM
         o.output = Shapes::ShapeRef.new(shape: ImportCertificateResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:list_certificates, Seahorse::Model::Operation.new.tap do |o|
@@ -425,6 +441,8 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:renew_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -446,6 +464,10 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidDomainValidationOptionsException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:resend_validation_email, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-acm/errors.rb

@@ -58,6 +58,22 @@ module Aws::ACM
 
     end
 
+    class InvalidParameterException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ACM::Types::InvalidParameterException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+
+    end
+
     class InvalidStateException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -154,6 +170,22 @@ module Aws::ACM
 
     end
 
+    class TagPolicyException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ACM::Types::TagPolicyException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+
+    end
+
     class TooManyTagsException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-acm/types.rb

@@ -592,6 +592,12 @@ module Aws::ACM
     # @!attribute [rw] key_types
     #   Specify one or more algorithms that can be used to generate key
     #   pairs.
+    #
+    #   Default filtering returns only `RSA_2048` certificates. To return
+    #   other certificate types, provide the desired type signatures in a
+    #   comma-separated list. For example, `"keyTypes":
+    #   ["RSA_2048,RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
+    #   certificates.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/Filters AWS API Documentation
@@ -656,6 +662,12 @@ module Aws::ACM
     #         certificate: "data", # required
     #         private_key: "data", # required
     #         certificate_chain: "data",
+    #         tags: [
+    #           {
+    #             key: "TagKey", # required
+    #             value: "TagValue",
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] certificate_arn
@@ -679,13 +691,21 @@ module Aws::ACM
     #   The PEM encoded certificate chain.
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   One or more resource tags to associate with the imported
+    #   certificate.
+    #
+    #   Note: You cannot apply tags when reimporting a certificate.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ImportCertificateRequest AWS API Documentation
     #
     class ImportCertificateRequest < Struct.new(
       :certificate_arn,
       :certificate,
       :private_key,
-      :certificate_chain)
+      :certificate_chain,
+      :tags)
       include Aws::Structure
     end
 
@@ -742,6 +762,18 @@ module Aws::ACM
       include Aws::Structure
     end
 
+    # An input parameter was invalid.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/InvalidParameterException AWS API Documentation
+    #
+    class InvalidParameterException < Struct.new(
+      :message)
+      include Aws::Structure
+    end
+
     # Processing has reached an invalid state.
     #
     # @!attribute [rw] message
@@ -1030,6 +1062,12 @@ module Aws::ACM
     #           certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
     #         },
     #         certificate_authority_arn: "Arn",
+    #         tags: [
+    #           {
+    #             key: "TagKey", # required
+    #             value: "TagValue",
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] domain_name
@@ -1039,7 +1077,7 @@ module Aws::ACM
     #   same domain. For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 63 octets, including
+    #   The first domain name you enter cannot exceed 64 octets, including
     #   periods. Each subsequent Subject Alternative Name (SAN), however,
     #   can be up to 253 octets in length.
     #   @return [String]
@@ -1132,6 +1170,10 @@ module Aws::ACM
     #   [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   One or more resource tags to associate with the certificate.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/RequestCertificateRequest AWS API Documentation
     #
     class RequestCertificateRequest < Struct.new(
@@ -1141,7 +1183,8 @@ module Aws::ACM
       :idempotency_token,
       :domain_validation_options,
       :options,
-      :certificate_authority_arn)
+      :certificate_authority_arn,
+      :tags)
       include Aws::Structure
     end
 
@@ -1306,6 +1349,19 @@ module Aws::ACM
       include Aws::Structure
     end
 
+    # A specified tag did not comply with an existing tag policy and was
+    # rejected.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/TagPolicyException AWS API Documentation
+    #
+    class TagPolicyException < Struct.new(
+      :message)
+      include Aws::Structure
+    end
+
     # The request contains too many tags. Try the request again with fewer
     # tags.
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acm
 version: !ruby/object:Gem::Version
-  version: 1.26.0
+  version: 1.27.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-10-23 00:00:00.000000000 Z
+date: 2019-11-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core