aws-sdk-acm 1.26.0 → 1.31.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: '04958ee7db940442114af4625ecd6ba4dc433a09'
-  data.tar.gz: 6da9727f11259940ed33865f8657655912494c1e
+SHA256:
+  metadata.gz: 475f89f1b601b8d7a9843e9a9a4e5387363df3f7a54e40394cc9ec72fe833914
+  data.tar.gz: 66c928ba717346046d42269e051d4fed2f5a20e91a446dea9b6ab223c425edde
 SHA512:
-  metadata.gz: 10e59858625e434aeaf56d98c8326448cb537824364e1ed94328df9052343621edf36d2eaa4e4266be3007d28a5917643b9bb42d8f8b0d8d06e1358380f0fca3
-  data.tar.gz: fb3b17f0b142c5a5b88f4bbf0f1d5db82ad846dc99c15c9effac823c62c3fc16f13ad5340015e2a581e2f689f9e54f74699e578bf6785df4a3812dbd54c8e586
+  metadata.gz: 73716fc67b4bc311998c912e73db074f0b01626b5761ee05571f74baf92bd881e566b088699057454abab020e44396a16d96b7a68e976ce33c37eb0ee95a2774
+  data.tar.gz: 931adb2754e328e53afa81ea091b0a6f900f8699af5aad1345b2cac26a6e5a07c3415df248bf72a6e41c8199c3f434579ac3afa51676aa5d881d6fbac7294f7c

data/lib/aws-sdk-acm.rb

@@ -25,17 +25,20 @@ require_relative 'aws-sdk-acm/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     acm = Aws::ACM::Client.new
+#     resp = acm.add_tags_to_certificate(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from AWS Certificate Manager all
-# extend {Errors::ServiceError}.
+# Errors returned from AWS Certificate Manager are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::ACM::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all AWS Certificate Manager API errors
 #     end
 #
 # See {Errors} for more information.
@@ -43,6 +46,6 @@ require_relative 'aws-sdk-acm/customizations'
 # @service
 module Aws::ACM
 
-  GEM_VERSION = '1.26.0'
+  GEM_VERSION = '1.31.0'
 
 end

data/lib/aws-sdk-acm/client.rb

@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 Aws::Plugins::GlobalConfiguration.add_identifier(:acm)
 
 module Aws::ACM
+  # An API client for ACM.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::ACM::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -93,7 +105,7 @@ module Aws::ACM
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +120,12 @@ module Aws::ACM
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +150,10 @@ module Aws::ACM
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +161,7 @@ module Aws::ACM
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +176,7 @@ module Aws::ACM
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +188,29 @@ module Aws::ACM
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +218,30 @@ module Aws::ACM
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -219,16 +274,15 @@ module Aws::ACM
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -237,7 +291,7 @@ module Aws::ACM
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -425,7 +479,7 @@ module Aws::ACM
     #   resp.certificate.signature_algorithm #=> String
     #   resp.certificate.in_use_by #=> Array
     #   resp.certificate.in_use_by[0] #=> String
-    #   resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
+    #   resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_NAME_CONSTRAINTS_VALIDATION", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
     #   resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
     #   resp.certificate.renewal_summary.renewal_status #=> String, one of "PENDING_AUTO_RENEWAL", "PENDING_VALIDATION", "SUCCESS", "FAILED"
     #   resp.certificate.renewal_summary.domain_validation_options #=> Array
@@ -438,7 +492,7 @@ module Aws::ACM
     #   resp.certificate.renewal_summary.domain_validation_options[0].resource_record.type #=> String, one of "CNAME"
     #   resp.certificate.renewal_summary.domain_validation_options[0].resource_record.value #=> String
     #   resp.certificate.renewal_summary.domain_validation_options[0].validation_method #=> String, one of "EMAIL", "DNS"
-    #   resp.certificate.renewal_summary.renewal_status_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
+    #   resp.certificate.renewal_summary.renewal_status_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "DOMAIN_VALIDATION_DENIED", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_NAME_CONSTRAINTS_VALIDATION", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "PCA_INVALID_DURATION", "PCA_ACCESS_DENIED", "OTHER"
     #   resp.certificate.renewal_summary.updated_at #=> Time
     #   resp.certificate.key_usages #=> Array
     #   resp.certificate.key_usages[0].name #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
@@ -449,6 +503,11 @@ module Aws::ACM
     #   resp.certificate.renewal_eligibility #=> String, one of "ELIGIBLE", "INELIGIBLE"
     #   resp.certificate.options.certificate_transparency_logging_preference #=> String, one of "ENABLED", "DISABLED"
     #
+    #
+    # The following waiters are defined for this operation (see {Client#wait_until} for detailed usage):
+    #
+    #   * certificate_validated
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/DescribeCertificate AWS API Documentation
     #
     # @overload describe_certificate(params = {})
@@ -459,15 +518,18 @@ module Aws::ACM
     end
 
     # Exports a private certificate issued by a private certificate
-    # authority (CA) for use anywhere. You can export the certificate, the
-    # certificate chain, and the encrypted private key associated with the
-    # public key embedded in the certificate. You must store the private key
-    # securely. The private key is a 2048 bit RSA key. You must provide a
-    # passphrase for the private key when exporting it. You can use the
-    # following OpenSSL command to decrypt it later. Provide the passphrase
-    # when prompted.
+    # authority (CA) for use anywhere. The exported file contains the
+    # certificate, the certificate chain, and the encrypted private 2048-bit
+    # RSA key associated with the public key that is embedded in the
+    # certificate. For security, you must assign a passphrase for the
+    # private key when exporting it.
+    #
+    # For information about exporting and formatting a certificate using the
+    # ACM console or CLI, see [Export a Private Certificate][1].
     #
-    # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-export-private.html
     #
     # @option params [required, String] :certificate_arn
     #   An Amazon Resource Name (ARN) of the issued certificate. This must be
@@ -511,12 +573,15 @@ module Aws::ACM
       req.send_request(options)
     end
 
-    # Retrieves a certificate specified by an ARN and its certificate chain
-    # . The chain is an ordered list of certificates that contains the end
-    # entity certificate, intermediate certificates of subordinate CAs, and
-    # the root certificate in that order. The certificate and certificate
-    # chain are base64 encoded. If you want to decode the certificate to see
-    # the individual fields, you can use OpenSSL.
+    # Retrieves an Amazon-issued certificate and its certificate chain. The
+    # chain consists of the certificate of the issuing CA and the
+    # intermediate certificates of any other subordinate CAs. All of the
+    # certificates are base64 encoded. You can use [OpenSSL][1] to decode
+    # the certificates and inspect individual fields.
+    #
+    #
+    #
+    # [1]: https://wiki.openssl.org/index.php/Command_Line_Utilities
     #
     # @option params [required, String] :certificate_arn
     #   String that contains a certificate ARN in the following format:
@@ -595,7 +660,7 @@ module Aws::ACM
     #
     # * To import a new certificate, omit the `CertificateArn` argument.
     #   Include this argument only when you want to replace a previously
-    #   imported certificate.
+    #   imported certifica
     #
     # * When you import a certificate by using the CLI, you must specify the
     #   certificate, the certificate chain, and the private key by their
@@ -608,6 +673,10 @@ module Aws::ACM
     #   certificate, the certificate chain, and the private key files in the
     #   manner required by the programming language you're using.
     #
+    # * The cryptographic algorithm of an imported certificate must match
+    #   the algorithm of the signing CA. For example, if the signing CA key
+    #   type is RSA, then the certificate key type must also be RSA.
+    #
     # This operation returns the [Amazon Resource Name (ARN)][4] of the
     # imported certificate.
     #
@@ -635,6 +704,11 @@ module Aws::ACM
     # @option params [String, IO] :certificate_chain
     #   The PEM encoded certificate chain.
     #
+    # @option params [Array<Types::Tag>] :tags
+    #   One or more resource tags to associate with the imported certificate.
+    #
+    #   Note: You cannot apply tags when reimporting a certificate.
+    #
     # @return [Types::ImportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ImportCertificateResponse#certificate_arn #certificate_arn} => String
@@ -646,6 +720,12 @@ module Aws::ACM
     #     certificate: "data", # required
     #     private_key: "data", # required
     #     certificate_chain: "data",
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue",
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -663,7 +743,9 @@ module Aws::ACM
 
     # Retrieves a list of certificate ARNs and domain names. You can request
     # that only certificates that match a specific status be listed. You can
-    # also filter by specific attributes of the certificate.
+    # also filter by specific attributes of the certificate. Default
+    # filtering returns only `RSA_2048` certificates. For more information,
+    # see Filters.
     #
     # @option params [Array<String>] :certificate_statuses
     #   Filter the certificate list by status value.
@@ -690,6 +772,8 @@ module Aws::ACM
     #   * {Types::ListCertificatesResponse#next_token #next_token} => String
     #   * {Types::ListCertificatesResponse#certificate_summary_list #certificate_summary_list} => Array&lt;Types::CertificateSummary&gt;
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_certificates({
@@ -876,7 +960,7 @@ module Aws::ACM
     #   For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 63 octets, including
+    #   The first domain name you enter cannot exceed 64 octets, including
     #   periods. Each subsequent Subject Alternative Name (SAN), however, can
     #   be up to 253 octets in length.
     #
@@ -897,9 +981,9 @@ module Aws::ACM
     #   www.example.net to a certificate for which the `DomainName` field is
     #   www.example.com if users can reach your site by using either name. The
     #   maximum number of domain names that you can add to an ACM certificate
-    #   is 100. However, the initial limit is 10 domain names. If you need
-    #   more than 10 names, you must request a limit increase. For more
-    #   information, see [Limits][1].
+    #   is 100. However, the initial quota is 10 domain names. If you need
+    #   more than 10 names, you must request a quota increase. For more
+    #   information, see [Quotas][1].
     #
     #   The maximum length of a SAN DNS name is 253 octets. The name is made
     #   up of multiple labels separated by periods. No label can be longer
@@ -960,6 +1044,9 @@ module Aws::ACM
     #
     #   [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html
     #
+    # @option params [Array<Types::Tag>] :tags
+    #   One or more resource tags to associate with the certificate.
+    #
     # @return [Types::RequestCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::RequestCertificateResponse#certificate_arn #certificate_arn} => String
@@ -981,6 +1068,12 @@ module Aws::ACM
     #       certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
     #     },
     #     certificate_authority_arn: "Arn",
+    #     tags: [
+    #       {
+    #         key: "TagKey", # required
+    #         value: "TagValue",
+    #       },
+    #     ],
     #   })
     #
     # @example Response structure
@@ -1121,7 +1214,7 @@ module Aws::ACM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acm'
-      context[:gem_version] = '1.26.0'
+      context[:gem_version] = '1.31.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 
@@ -1187,9 +1280,9 @@ module Aws::ACM
     # The following table lists the valid waiter names, the operations they call,
     # and the default `:delay` and `:max_attempts` values.
     #
-    # | waiter_name           | params                  | :delay   | :max_attempts |
-    # | --------------------- | ----------------------- | -------- | ------------- |
-    # | certificate_validated | {#describe_certificate} | 60       | 40            |
+    # | waiter_name           | params                        | :delay   | :max_attempts |
+    # | --------------------- | ----------------------------- | -------- | ------------- |
+    # | certificate_validated | {Client#describe_certificate} | 60       | 40            |
     #
     # @raise [Errors::FailureStateError] Raised when the waiter terminates
     #   because the waiter has entered a state that it will not transition

data/lib/aws-sdk-acm/client_api.rb

@@ -52,6 +52,7 @@ module Aws::ACM
     InvalidArgsException = Shapes::StructureShape.new(name: 'InvalidArgsException')
     InvalidArnException = Shapes::StructureShape.new(name: 'InvalidArnException')
     InvalidDomainValidationOptionsException = Shapes::StructureShape.new(name: 'InvalidDomainValidationOptionsException')
+    InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
     InvalidStateException = Shapes::StructureShape.new(name: 'InvalidStateException')
     InvalidTagException = Shapes::StructureShape.new(name: 'InvalidTagException')
     KeyAlgorithm = Shapes::StringShape.new(name: 'KeyAlgorithm')
@@ -89,6 +90,7 @@ module Aws::ACM
     Tag = Shapes::StructureShape.new(name: 'Tag')
     TagKey = Shapes::StringShape.new(name: 'TagKey')
     TagList = Shapes::ListShape.new(name: 'TagList')
+    TagPolicyException = Shapes::StructureShape.new(name: 'TagPolicyException')
     TagValue = Shapes::StringShape.new(name: 'TagValue')
     TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException')
     UpdateCertificateOptionsRequest = Shapes::StructureShape.new(name: 'UpdateCertificateOptionsRequest')
@@ -198,6 +200,7 @@ module Aws::ACM
     ImportCertificateRequest.add_member(:certificate, Shapes::ShapeRef.new(shape: CertificateBodyBlob, required: true, location_name: "Certificate"))
     ImportCertificateRequest.add_member(:private_key, Shapes::ShapeRef.new(shape: PrivateKeyBlob, required: true, location_name: "PrivateKey"))
     ImportCertificateRequest.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: CertificateChainBlob, location_name: "CertificateChain"))
+    ImportCertificateRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     ImportCertificateRequest.struct_class = Types::ImportCertificateRequest
 
     ImportCertificateResponse.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
@@ -214,6 +217,9 @@ module Aws::ACM
     InvalidDomainValidationOptionsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     InvalidDomainValidationOptionsException.struct_class = Types::InvalidDomainValidationOptionsException
 
+    InvalidParameterException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
+    InvalidParameterException.struct_class = Types::InvalidParameterException
+
     InvalidStateException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     InvalidStateException.struct_class = Types::InvalidStateException
 
@@ -268,6 +274,7 @@ module Aws::ACM
     RequestCertificateRequest.add_member(:domain_validation_options, Shapes::ShapeRef.new(shape: DomainValidationOptionList, location_name: "DomainValidationOptions"))
     RequestCertificateRequest.add_member(:options, Shapes::ShapeRef.new(shape: CertificateOptions, location_name: "Options"))
     RequestCertificateRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
+    RequestCertificateRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     RequestCertificateRequest.struct_class = Types::RequestCertificateRequest
 
     RequestCertificateResponse.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
@@ -298,6 +305,9 @@ module Aws::ACM
 
     TagList.member = Shapes::ShapeRef.new(shape: Tag)
 
+    TagPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
+    TagPolicyException.struct_class = Types::TagPolicyException
+
     TooManyTagsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     TooManyTagsException.struct_class = Types::TooManyTagsException
 
@@ -336,6 +346,8 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
         o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:delete_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -389,6 +401,10 @@ module Aws::ACM
         o.output = Shapes::ShapeRef.new(shape: ImportCertificateResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:list_certificates, Seahorse::Model::Operation.new.tap do |o|
@@ -425,6 +441,8 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:renew_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -446,6 +464,10 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidDomainValidationOptionsException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
+        o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
       end)
 
       api.add_operation(:resend_validation_email, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-acm/errors.rb

@@ -6,6 +6,40 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::ACM
+
+  # When ACM returns an error response, the Ruby SDK constructs and raises an error.
+  # These errors all extend Aws::ACM::Errors::ServiceError < {Aws::Errors::ServiceError}
+  #
+  # You can rescue all ACM errors using ServiceError:
+  #
+  #     begin
+  #       # do stuff
+  #     rescue Aws::ACM::Errors::ServiceError
+  #       # rescues all ACM API errors
+  #     end
+  #
+  #
+  # ## Request Context
+  # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
+  # information about the request that generated the error.
+  # See {Seahorse::Client::RequestContext} for more information.
+  #
+  # ## Error Classes
+  # * {InvalidArgsException}
+  # * {InvalidArnException}
+  # * {InvalidDomainValidationOptionsException}
+  # * {InvalidParameterException}
+  # * {InvalidStateException}
+  # * {InvalidTagException}
+  # * {LimitExceededException}
+  # * {RequestInProgressException}
+  # * {ResourceInUseException}
+  # * {ResourceNotFoundException}
+  # * {TagPolicyException}
+  # * {TooManyTagsException}
+  #
+  # Additionally, error classes are dynamically generated for service errors based on the error code
+  # if they are not defined above.
   module Errors
 
     extend Aws::Errors::DynamicErrors
@@ -23,7 +57,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidArnException < ServiceError
@@ -39,7 +72,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidDomainValidationOptionsException < ServiceError
@@ -55,7 +87,21 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
+    end
+
+    class InvalidParameterException < ServiceError
 
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ACM::Types::InvalidParameterException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
     end
 
     class InvalidStateException < ServiceError
@@ -71,7 +117,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidTagException < ServiceError
@@ -87,7 +132,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class LimitExceededException < ServiceError
@@ -103,7 +147,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class RequestInProgressException < ServiceError
@@ -119,7 +162,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class ResourceInUseException < ServiceError
@@ -135,7 +177,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
     class ResourceNotFoundException < ServiceError
@@ -151,7 +192,21 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
+    end
+
+    class TagPolicyException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ACM::Types::TagPolicyException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
 
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
     end
 
     class TooManyTagsException < ServiceError
@@ -167,7 +222,6 @@ module Aws::ACM
       def message
         @message || @data[:message]
       end
-
     end
 
   end

data/lib/aws-sdk-acm/resource.rb

@@ -6,6 +6,7 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::ACM
+
   class Resource
 
     # @param options ({})

data/lib/aws-sdk-acm/types.rb

@@ -409,6 +409,12 @@ module Aws::ACM
     #   domain validation. For more information, see [Use DNS to Validate
     #   Domain Ownership][1].
     #
+    #   Note: The CNAME information that you need does not include the name
+    #   of your domain. If you include
 your domain name in the DNS database
+    #   CNAME record, validation fails.
 For example, if the name is
+    #   "\_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com", only
+    #   "\_a79865eb4cd1a6ab990a45779b4e0b96" must be used.
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
@@ -592,6 +598,12 @@ module Aws::ACM
     # @!attribute [rw] key_types
     #   Specify one or more algorithms that can be used to generate key
     #   pairs.
+    #
+    #   Default filtering returns only `RSA_2048` certificates. To return
+    #   other certificate types, provide the desired type signatures in a
+    #   comma-separated list. For example, `"keyTypes":
+    #   ["RSA_2048,RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
+    #   certificates.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/Filters AWS API Documentation
@@ -631,13 +643,14 @@ module Aws::ACM
     end
 
     # @!attribute [rw] certificate
-    #   String that contains the ACM certificate represented by the ARN
-    #   specified at input.
+    #   The ACM-issued certificate corresponding to the ARN specified as
+    #   input.
     #   @return [String]
     #
     # @!attribute [rw] certificate_chain
-    #   The certificate chain that contains the root certificate issued by
-    #   the certificate authority (CA).
+    #   Certificates forming the requested certificate's chain of trust.
+    #   The chain consists of the certificate of the issuing CA and the
+    #   intermediate certificates of any other subordinate CAs.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/GetCertificateResponse AWS API Documentation
@@ -656,6 +669,12 @@ module Aws::ACM
     #         certificate: "data", # required
     #         private_key: "data", # required
     #         certificate_chain: "data",
+    #         tags: [
+    #           {
+    #             key: "TagKey", # required
+    #             value: "TagValue",
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] certificate_arn
@@ -679,13 +698,21 @@ module Aws::ACM
     #   The PEM encoded certificate chain.
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   One or more resource tags to associate with the imported
+    #   certificate.
+    #
+    #   Note: You cannot apply tags when reimporting a certificate.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ImportCertificateRequest AWS API Documentation
     #
     class ImportCertificateRequest < Struct.new(
       :certificate_arn,
       :certificate,
       :private_key,
-      :certificate_chain)
+      :certificate_chain,
+      :tags)
       include Aws::Structure
     end
 
@@ -742,6 +769,18 @@ module Aws::ACM
       include Aws::Structure
     end
 
+    # An input parameter was invalid.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/InvalidParameterException AWS API Documentation
+    #
+    class InvalidParameterException < Struct.new(
+      :message)
+      include Aws::Structure
+    end
+
     # Processing has reached an invalid state.
     #
     # @!attribute [rw] message
@@ -782,7 +821,7 @@ module Aws::ACM
       include Aws::Structure
     end
 
-    # An ACM limit has been exceeded.
+    # An ACM quota has been exceeded.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -1030,6 +1069,12 @@ module Aws::ACM
     #           certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
     #         },
     #         certificate_authority_arn: "Arn",
+    #         tags: [
+    #           {
+    #             key: "TagKey", # required
+    #             value: "TagValue",
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] domain_name
@@ -1039,7 +1084,7 @@ module Aws::ACM
     #   same domain. For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 63 octets, including
+    #   The first domain name you enter cannot exceed 64 octets, including
     #   periods. Each subsequent Subject Alternative Name (SAN), however,
     #   can be up to 253 octets in length.
     #   @return [String]
@@ -1062,9 +1107,9 @@ module Aws::ACM
     #   www.example.net to a certificate for which the `DomainName` field is
     #   www.example.com if users can reach your site by using either name.
     #   The maximum number of domain names that you can add to an ACM
-    #   certificate is 100. However, the initial limit is 10 domain names.
-    #   If you need more than 10 names, you must request a limit increase.
-    #   For more information, see [Limits][1].
+    #   certificate is 100. However, the initial quota is 10 domain names.
+    #   If you need more than 10 names, you must request a quota increase.
+    #   For more information, see [Quotas][1].
     #
     #   The maximum length of a SAN DNS name is 253 octets. The name is made
     #   up of multiple labels separated by periods. No label can be longer
@@ -1132,6 +1177,10 @@ module Aws::ACM
     #   [1]: https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   One or more resource tags to associate with the certificate.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/RequestCertificateRequest AWS API Documentation
     #
     class RequestCertificateRequest < Struct.new(
@@ -1141,7 +1190,8 @@ module Aws::ACM
       :idempotency_token,
       :domain_validation_options,
       :options,
-      :certificate_authority_arn)
+      :certificate_authority_arn,
+      :tags)
       include Aws::Structure
     end
 
@@ -1306,6 +1356,19 @@ module Aws::ACM
       include Aws::Structure
     end
 
+    # A specified tag did not comply with an existing tag policy and was
+    # rejected.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/TagPolicyException AWS API Documentation
+    #
+    class TagPolicyException < Struct.new(
+      :message)
+      include Aws::Structure
+    end
+
     # The request contains too many tags. Try the request again with fewer
     # tags.
     #

data/lib/aws-sdk-acm/waiters.rb

@@ -8,6 +8,67 @@
 require 'aws-sdk-core/waiters'
 
 module Aws::ACM
+  # Waiters are utility methods that poll for a particular state to occur
+  # on a client. Waiters can fail after a number of attempts at a polling
+  # interval defined for the service client.
+  #
+  # For a list of operations that can be waited for and the
+  # client methods called for each operation, see the table below or the
+  # {Client#wait_until} field documentation for the {Client}.
+  #
+  # # Invoking a Waiter
+  # To invoke a waiter, call #wait_until on a {Client}. The first parameter
+  # is the waiter name, which is specific to the service client and indicates
+  # which operation is being waited for. The second parameter is a hash of
+  # parameters that are passed to the client method called by the waiter,
+  # which varies according to the waiter name.
+  #
+  # # Wait Failures
+  # To catch errors in a waiter, use WaiterFailed,
+  # as shown in the following example.
+  #
+  #     rescue rescue Aws::Waiters::Errors::WaiterFailed => error
+  #       puts "failed waiting for instance running: #{error.message}
+  #     end
+  #
+  # # Configuring a Waiter
+  # Each waiter has a default polling interval and a maximum number of
+  # attempts it will make before returning control to your program.
+  # To set these values, use the `max_attempts` and `delay` parameters
+  # in your `#wait_until` call.
+  # The following example waits for up to 25 seconds, polling every five seconds.
+  #
+  #     client.wait_until(...) do |w|
+  #       w.max_attempts = 5
+  #       w.delay = 5
+  #     end
+  #
+  # To disable wait failures, set the value of either of these parameters
+  # to `nil`.
+  #
+  # # Extending a Waiter
+  # To modify the behavior of waiters, you can register callbacks that are
+  # triggered before each polling attempt and before waiting.
+  #
+  # The following example implements an exponential backoff in a waiter
+  # by doubling the amount of time to wait on every attempt.
+  #
+  #     client.wait_until(...) do |w|
+  #       w.interval = 0 # disable normal sleep
+  #       w.before_wait do |n, resp|
+  #         sleep(n ** 2)
+  #       end
+  #     end
+  #
+  # # Available Waiters
+  #
+  # The following table lists the valid waiter names, the operations they call,
+  # and the default `:delay` and `:max_attempts` values.
+  #
+  # | waiter_name           | params                        | :delay   | :max_attempts |
+  # | --------------------- | ----------------------------- | -------- | ------------- |
+  # | certificate_validated | {Client#describe_certificate} | 60       | 40            |
+  #
   module Waiters
 
     class CertificateValidated

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acm
 version: !ruby/object:Gem::Version
-  version: 1.26.0
+  version: 1.31.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-10-23 00:00:00.000000000 Z
+date: 2020-05-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -82,7 +82,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: AWS SDK for Ruby - ACM