aws-sdk-acm 1.38.0 → 1.42.0

data/VERSION

@@ -0,0 +1 @@
+1.42.0

data/lib/aws-sdk-acm.rb

@@ -3,7 +3,7 @@
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 
@@ -49,6 +49,6 @@ require_relative 'aws-sdk-acm/customizations'
 # @!group service
 module Aws::ACM
 
-  GEM_VERSION = '1.38.0'
+  GEM_VERSION = '1.42.0'
 
 end

data/lib/aws-sdk-acm/client.rb

@@ -3,7 +3,7 @@
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 
@@ -338,10 +338,10 @@ module Aws::ACM
     # @!group API Operations
 
     # Adds one or more tags to an ACM certificate. Tags are labels that you
-    # can use to identify and organize your AWS resources. Each tag consists
-    # of a `key` and an optional `value`. You specify the certificate on
-    # input by its Amazon Resource Name (ARN). You specify the tag by using
-    # a key-value pair.
+    # can use to identify and organize your Amazon Web Services resources.
+    # Each tag consists of a `key` and an optional `value`. You specify the
+    # certificate on input by its Amazon Resource Name (ARN). You specify
+    # the tag by using a key-value pair.
     #
     # You can apply a tag to just one certificate if you want to identify a
     # specific characteristic of that certificate, or you can apply the same
@@ -367,8 +367,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -404,11 +404,11 @@ module Aws::ACM
     # succeeds, the certificate no longer appears in the list that can be
     # displayed by calling the ListCertificates action or be retrieved by
     # calling the GetCertificate action. The certificate will not be
-    # available for use by AWS services integrated with ACM.
+    # available for use by Amazon Web Services services integrated with ACM.
     #
-    # <note markdown="1"> You cannot delete an ACM certificate that is being used by another AWS
-    # service. To delete a certificate that is in use, the certificate
-    # association must first be removed.
+    # <note markdown="1"> You cannot delete an ACM certificate that is being used by another
+    # Amazon Web Services service. To delete a certificate that is in use,
+    # the certificate association must first be removed.
     #
     #  </note>
     #
@@ -418,8 +418,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -450,8 +450,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -494,7 +494,7 @@ module Aws::ACM
     #   resp.certificate.revocation_reason #=> String, one of "UNSPECIFIED", "KEY_COMPROMISE", "CA_COMPROMISE", "AFFILIATION_CHANGED", "SUPERCEDED", "CESSATION_OF_OPERATION", "CERTIFICATE_HOLD", "REMOVE_FROM_CRL", "PRIVILEGE_WITHDRAWN", "A_A_COMPROMISE"
     #   resp.certificate.not_before #=> Time
     #   resp.certificate.not_after #=> Time
-    #   resp.certificate.key_algorithm #=> String, one of "RSA_2048", "RSA_1024", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
+    #   resp.certificate.key_algorithm #=> String, one of "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
     #   resp.certificate.signature_algorithm #=> String
     #   resp.certificate.in_use_by #=> Array
     #   resp.certificate.in_use_by[0] #=> String
@@ -592,6 +592,26 @@ module Aws::ACM
       req.send_request(options)
     end
 
+    # Returns the account configuration options associated with an Amazon
+    # Web Services account.
+    #
+    # @return [Types::GetAccountConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetAccountConfigurationResponse#expiry_events #expiry_events} => Types::ExpiryEventsConfiguration
+    #
+    # @example Response structure
+    #
+    #   resp.expiry_events.days_before_expiry #=> Integer
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/GetAccountConfiguration AWS API Documentation
+    #
+    # @overload get_account_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_account_configuration(params = {}, options = {})
+      req = build_request(:get_account_configuration, params)
+      req.send_request(options)
+    end
+
     # Retrieves an Amazon-issued certificate and its certificate chain. The
     # chain consists of the certificate of the issuing CA and the
     # intermediate certificates of any other subordinate CAs. All of the
@@ -607,8 +627,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -639,14 +659,15 @@ module Aws::ACM
       req.send_request(options)
     end
 
-    # Imports a certificate into AWS Certificate Manager (ACM) to use with
-    # services that are integrated with ACM. Note that [integrated
-    # services][1] allow only certificate types and keys they support to be
-    # associated with their resources. Further, their support differs
-    # depending on whether the certificate is imported into IAM or into ACM.
-    # For more information, see the documentation for each service. For more
-    # information about importing certificates into ACM, see [Importing
-    # Certificates][2] in the *AWS Certificate Manager User Guide*.
+    # Imports a certificate into Amazon Web Services Certificate Manager
+    # (ACM) to use with services that are integrated with ACM. Note that
+    # [integrated services][1] allow only certificate types and keys they
+    # support to be associated with their resources. Further, their support
+    # differs depending on whether the certificate is imported into IAM or
+    # into ACM. For more information, see the documentation for each
+    # service. For more information about importing certificates into ACM,
+    # see [Importing Certificates][2] in the *Amazon Web Services
+    # Certificate Manager User Guide*.
     #
     # <note markdown="1"> ACM does not provide [managed renewal][3] for certificates that you
     # import.
@@ -661,6 +682,8 @@ module Aws::ACM
     # * The private key must be unencrypted. You cannot import a private key
     #   that is protected by a password or a passphrase.
     #
+    # * The private key must be no larger than 5 KB (5,120 bytes).
+    #
     # * If the certificate you are importing is not self-signed, you must
     #   enter its certificate chain.
     #
@@ -679,13 +702,13 @@ module Aws::ACM
     #
     # * To import a new certificate, omit the `CertificateArn` argument.
     #   Include this argument only when you want to replace a previously
-    #   imported certifica
+    #   imported certificate.
     #
     # * When you import a certificate by using the CLI, you must specify the
     #   certificate, the certificate chain, and the private key by their
-    #   file names preceded by `file://`. For example, you can specify a
+    #   file names preceded by `fileb://`. For example, you can specify a
     #   certificate saved in the `C:\temp` folder as
-    #   `file://C:\temp\certificate_to_import.pem`. If you are making an
+    #   `fileb://C:\temp\certificate_to_import.pem`. If you are making an
     #   HTTP or HTTPS Query request, include these arguments as BLOBs.
     #
     # * When you import a certificate by using an SDK, you must specify the
@@ -800,7 +823,7 @@ module Aws::ACM
     #     includes: {
     #       extended_key_usage: ["TLS_WEB_SERVER_AUTHENTICATION"], # accepts TLS_WEB_SERVER_AUTHENTICATION, TLS_WEB_CLIENT_AUTHENTICATION, CODE_SIGNING, EMAIL_PROTECTION, TIME_STAMPING, OCSP_SIGNING, IPSEC_END_SYSTEM, IPSEC_TUNNEL, IPSEC_USER, ANY, NONE, CUSTOM
     #       key_usage: ["DIGITAL_SIGNATURE"], # accepts DIGITAL_SIGNATURE, NON_REPUDIATION, KEY_ENCIPHERMENT, DATA_ENCIPHERMENT, KEY_AGREEMENT, CERTIFICATE_SIGNING, CRL_SIGNING, ENCIPHER_ONLY, DECIPHER_ONLY, ANY, CUSTOM
-    #       key_types: ["RSA_2048"], # accepts RSA_2048, RSA_1024, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1
+    #       key_types: ["RSA_1024"], # accepts RSA_1024, RSA_2048, RSA_3072, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1
     #     },
     #     next_token: "NextToken",
     #     max_items: 1,
@@ -833,8 +856,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -865,6 +888,45 @@ module Aws::ACM
       req.send_request(options)
     end
 
+    # Adds or modifies account-level configurations in ACM.
+    #
+    # The supported configuration option is `DaysBeforeExpiry`. This option
+    # specifies the number of days prior to certificate expiration when ACM
+    # starts generating `EventBridge` events. ACM sends one event per day
+    # per certificate until the certificate expires. By default, accounts
+    # receive events starting 45 days before certificate expiration.
+    #
+    # @option params [Types::ExpiryEventsConfiguration] :expiry_events
+    #   Specifies expiration events associated with an account.
+    #
+    # @option params [required, String] :idempotency_token
+    #   Customer-chosen string used to distinguish between calls to
+    #   `PutAccountConfiguration`. Idempotency tokens time out after one hour.
+    #   If you call `PutAccountConfiguration` multiple times with the same
+    #   unexpired idempotency token, ACM treats it as the same request and
+    #   returns the original result. If you change the idempotency token for
+    #   each call, ACM treats each call as a new request.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_account_configuration({
+    #     expiry_events: {
+    #       days_before_expiry: 1,
+    #     },
+    #     idempotency_token: "IdempotencyToken", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/PutAccountConfiguration AWS API Documentation
+    #
+    # @overload put_account_configuration(params = {})
+    # @param [Hash] params ({})
+    def put_account_configuration(params = {}, options = {})
+      req = build_request(:put_account_configuration, params)
+      req.send_request(options)
+    end
+
     # Remove one or more tags from an ACM certificate. A tag consists of a
     # key-value pair. If you do not specify the value portion of the tag
     # when calling this function, the tag will be removed regardless of
@@ -881,8 +943,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -914,7 +976,7 @@ module Aws::ACM
       req.send_request(options)
     end
 
-    # Renews an eligable ACM certificate. At this time, only exported
+    # Renews an eligible ACM certificate. At this time, only exported
     # private certificates can be renewed with this operation. In order to
     # renew your ACM PCA certificates with ACM, you must first [grant the
     # ACM service principal permission to do so][1]. For more information,
@@ -931,8 +993,8 @@ module Aws::ACM
     #
     #   `arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012`
     #
-    #   For more information about ARNs, see [Amazon Resource Names (ARNs) and
-    #   AWS Service Namespaces][1].
+    #   For more information about ARNs, see [Amazon Resource Names
+    #   (ARNs)][1].
     #
     #
     #
@@ -955,10 +1017,11 @@ module Aws::ACM
       req.send_request(options)
     end
 
-    # Requests an ACM certificate for use with other AWS services. To
-    # request an ACM certificate, you must specify a fully qualified domain
-    # name (FQDN) in the `DomainName` parameter. You can also specify
-    # additional FQDNs in the `SubjectAlternativeNames` parameter.
+    # Requests an ACM certificate for use with other Amazon Web Services
+    # services. To request an ACM certificate, you must specify a fully
+    # qualified domain name (FQDN) in the `DomainName` parameter. You can
+    # also specify additional FQDNs in the `SubjectAlternativeNames`
+    # parameter.
     #
     # If you are requesting a private certificate, domain validation is not
     # required. If you are requesting a public certificate, each domain name
@@ -967,10 +1030,19 @@ module Aws::ACM
     # We recommend that you use DNS validation. ACM issues public
     # certificates after receiving approval from the domain owner.
     #
+    # <note markdown="1"> ACM behavior differs from the
+    # [https://tools.ietf.org/html/rfc6125#appendix-B.2][3]RFC 6125
+    # specification of the certificate validation process. first checks for
+    # a subject alternative name, and, if it finds one, ignores the common
+    # name (CN)
+    #
+    #  </note>
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
     # [2]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
+    # [3]: https://tools.ietf.org/html/rfc6125#appendix-B.2
     #
     # @option params [required, String] :domain_name
     #   Fully qualified domain name (FQDN), such as www.example.com, that you
@@ -1054,8 +1126,9 @@ module Aws::ACM
     #   (CA) that will be used to issue the certificate. If you do not provide
     #   an ARN and you are trying to request a private certificate, ACM will
     #   attempt to issue a public certificate. For more information about
-    #   private CAs, see the [AWS Certificate Manager Private Certificate
-    #   Authority (PCA)][1] user guide. The ARN must have the following form:
+    #   private CAs, see the [Amazon Web Services Certificate Manager Private
+    #   Certificate Authority (PCA)][1] user guide. The ARN must have the
+    #   following form:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #
@@ -1233,7 +1306,7 @@ module Aws::ACM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acm'
-      context[:gem_version] = '1.38.0'
+      context[:gem_version] = '1.42.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-acm/client_api.rb

@@ -3,7 +3,7 @@
 # WARNING ABOUT GENERATED CODE
 #
 # This file is generated. See the contributing guide for more information:
-# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
 #
 # WARNING ABOUT GENERATED CODE
 
@@ -13,8 +13,10 @@ module Aws::ACM
 
     include Seahorse::Model
 
+    AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
     AddTagsToCertificateRequest = Shapes::StructureShape.new(name: 'AddTagsToCertificateRequest')
     Arn = Shapes::StringShape.new(name: 'Arn')
+    AvailabilityErrorMessage = Shapes::StringShape.new(name: 'AvailabilityErrorMessage')
     CertificateBody = Shapes::StringShape.new(name: 'CertificateBody')
     CertificateBodyBlob = Shapes::BlobShape.new(name: 'CertificateBodyBlob')
     CertificateChain = Shapes::StringShape.new(name: 'CertificateChain')
@@ -27,6 +29,7 @@ module Aws::ACM
     CertificateSummaryList = Shapes::ListShape.new(name: 'CertificateSummaryList')
     CertificateTransparencyLoggingPreference = Shapes::StringShape.new(name: 'CertificateTransparencyLoggingPreference')
     CertificateType = Shapes::StringShape.new(name: 'CertificateType')
+    ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
     DeleteCertificateRequest = Shapes::StructureShape.new(name: 'DeleteCertificateRequest')
     DescribeCertificateRequest = Shapes::StructureShape.new(name: 'DescribeCertificateRequest')
     DescribeCertificateResponse = Shapes::StructureShape.new(name: 'DescribeCertificateResponse')
@@ -37,6 +40,7 @@ module Aws::ACM
     DomainValidationList = Shapes::ListShape.new(name: 'DomainValidationList')
     DomainValidationOption = Shapes::StructureShape.new(name: 'DomainValidationOption')
     DomainValidationOptionList = Shapes::ListShape.new(name: 'DomainValidationOptionList')
+    ExpiryEventsConfiguration = Shapes::StructureShape.new(name: 'ExpiryEventsConfiguration')
     ExportCertificateRequest = Shapes::StructureShape.new(name: 'ExportCertificateRequest')
     ExportCertificateResponse = Shapes::StructureShape.new(name: 'ExportCertificateResponse')
     ExtendedKeyUsage = Shapes::StructureShape.new(name: 'ExtendedKeyUsage')
@@ -45,6 +49,7 @@ module Aws::ACM
     ExtendedKeyUsageName = Shapes::StringShape.new(name: 'ExtendedKeyUsageName')
     FailureReason = Shapes::StringShape.new(name: 'FailureReason')
     Filters = Shapes::StructureShape.new(name: 'Filters')
+    GetAccountConfigurationResponse = Shapes::StructureShape.new(name: 'GetAccountConfigurationResponse')
     GetCertificateRequest = Shapes::StructureShape.new(name: 'GetCertificateRequest')
     GetCertificateResponse = Shapes::StructureShape.new(name: 'GetCertificateResponse')
     IdempotencyToken = Shapes::StringShape.new(name: 'IdempotencyToken')
@@ -71,8 +76,10 @@ module Aws::ACM
     MaxItems = Shapes::IntegerShape.new(name: 'MaxItems')
     NextToken = Shapes::StringShape.new(name: 'NextToken')
     PassphraseBlob = Shapes::BlobShape.new(name: 'PassphraseBlob')
+    PositiveInteger = Shapes::IntegerShape.new(name: 'PositiveInteger')
     PrivateKey = Shapes::StringShape.new(name: 'PrivateKey')
     PrivateKeyBlob = Shapes::BlobShape.new(name: 'PrivateKeyBlob')
+    PutAccountConfigurationRequest = Shapes::StructureShape.new(name: 'PutAccountConfigurationRequest')
     RecordType = Shapes::StringShape.new(name: 'RecordType')
     RemoveTagsFromCertificateRequest = Shapes::StructureShape.new(name: 'RemoveTagsFromCertificateRequest')
     RenewCertificateRequest = Shapes::StructureShape.new(name: 'RenewCertificateRequest')
@@ -87,6 +94,7 @@ module Aws::ACM
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     ResourceRecord = Shapes::StructureShape.new(name: 'ResourceRecord')
     RevocationReason = Shapes::StringShape.new(name: 'RevocationReason')
+    ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
     String = Shapes::StringShape.new(name: 'String')
     TStamp = Shapes::TimestampShape.new(name: 'TStamp')
     Tag = Shapes::StructureShape.new(name: 'Tag')
@@ -94,11 +102,17 @@ module Aws::ACM
     TagList = Shapes::ListShape.new(name: 'TagList')
     TagPolicyException = Shapes::StructureShape.new(name: 'TagPolicyException')
     TagValue = Shapes::StringShape.new(name: 'TagValue')
+    ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
     TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException')
     UpdateCertificateOptionsRequest = Shapes::StructureShape.new(name: 'UpdateCertificateOptionsRequest')
     ValidationEmailList = Shapes::ListShape.new(name: 'ValidationEmailList')
+    ValidationException = Shapes::StructureShape.new(name: 'ValidationException')
+    ValidationExceptionMessage = Shapes::StringShape.new(name: 'ValidationExceptionMessage')
     ValidationMethod = Shapes::StringShape.new(name: 'ValidationMethod')
 
+    AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: ServiceErrorMessage, location_name: "Message"))
+    AccessDeniedException.struct_class = Types::AccessDeniedException
+
     AddTagsToCertificateRequest.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateArn"))
     AddTagsToCertificateRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, required: true, location_name: "Tags"))
     AddTagsToCertificateRequest.struct_class = Types::AddTagsToCertificateRequest
@@ -142,6 +156,9 @@ module Aws::ACM
 
     CertificateSummaryList.member = Shapes::ShapeRef.new(shape: CertificateSummary)
 
+    ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
+    ConflictException.struct_class = Types::ConflictException
+
     DeleteCertificateRequest.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateArn"))
     DeleteCertificateRequest.struct_class = Types::DeleteCertificateRequest
 
@@ -169,6 +186,9 @@ module Aws::ACM
 
     DomainValidationOptionList.member = Shapes::ShapeRef.new(shape: DomainValidationOption)
 
+    ExpiryEventsConfiguration.add_member(:days_before_expiry, Shapes::ShapeRef.new(shape: PositiveInteger, location_name: "DaysBeforeExpiry"))
+    ExpiryEventsConfiguration.struct_class = Types::ExpiryEventsConfiguration
+
     ExportCertificateRequest.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateArn"))
     ExportCertificateRequest.add_member(:passphrase, Shapes::ShapeRef.new(shape: PassphraseBlob, required: true, location_name: "Passphrase"))
     ExportCertificateRequest.struct_class = Types::ExportCertificateRequest
@@ -191,6 +211,9 @@ module Aws::ACM
     Filters.add_member(:key_types, Shapes::ShapeRef.new(shape: KeyAlgorithmList, location_name: "keyTypes"))
     Filters.struct_class = Types::Filters
 
+    GetAccountConfigurationResponse.add_member(:expiry_events, Shapes::ShapeRef.new(shape: ExpiryEventsConfiguration, location_name: "ExpiryEvents"))
+    GetAccountConfigurationResponse.struct_class = Types::GetAccountConfigurationResponse
+
     GetCertificateRequest.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateArn"))
     GetCertificateRequest.struct_class = Types::GetCertificateRequest
 
@@ -256,6 +279,10 @@ module Aws::ACM
     ListTagsForCertificateResponse.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "Tags"))
     ListTagsForCertificateResponse.struct_class = Types::ListTagsForCertificateResponse
 
+    PutAccountConfigurationRequest.add_member(:expiry_events, Shapes::ShapeRef.new(shape: ExpiryEventsConfiguration, location_name: "ExpiryEvents"))
+    PutAccountConfigurationRequest.add_member(:idempotency_token, Shapes::ShapeRef.new(shape: IdempotencyToken, required: true, location_name: "IdempotencyToken"))
+    PutAccountConfigurationRequest.struct_class = Types::PutAccountConfigurationRequest
+
     RemoveTagsFromCertificateRequest.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateArn"))
     RemoveTagsFromCertificateRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, required: true, location_name: "Tags"))
     RemoveTagsFromCertificateRequest.struct_class = Types::RemoveTagsFromCertificateRequest
@@ -310,6 +337,9 @@ module Aws::ACM
     TagPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     TagPolicyException.struct_class = Types::TagPolicyException
 
+    ThrottlingException.add_member(:message, Shapes::ShapeRef.new(shape: AvailabilityErrorMessage, location_name: "message"))
+    ThrottlingException.struct_class = Types::ThrottlingException
+
     TooManyTagsException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     TooManyTagsException.struct_class = Types::TooManyTagsException
 
@@ -319,6 +349,9 @@ module Aws::ACM
 
     ValidationEmailList.member = Shapes::ShapeRef.new(shape: String)
 
+    ValidationException.add_member(:message, Shapes::ShapeRef.new(shape: ValidationExceptionMessage, location_name: "message"))
+    ValidationException.struct_class = Types::ValidationException
+
 
     # @api private
     API = Seahorse::Model::Api.new.tap do |api|
@@ -350,6 +383,7 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
         o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
       end)
 
       api.add_operation(:delete_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -384,6 +418,16 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
       end)
 
+      api.add_operation(:get_account_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetAccountConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
+        o.output = Shapes::ShapeRef.new(shape: GetAccountConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
+      end)
+
       api.add_operation(:get_certificate, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetCertificate"
         o.http_method = "POST"
@@ -407,6 +451,7 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: TooManyTagsException)
         o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
       end)
 
       api.add_operation(:list_certificates, Seahorse::Model::Operation.new.tap do |o|
@@ -434,6 +479,18 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
       end)
 
+      api.add_operation(:put_account_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutAccountConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: PutAccountConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+      end)
+
       api.add_operation(:remove_tags_from_certificate, Seahorse::Model::Operation.new.tap do |o|
         o.name = "RemoveTagsFromCertificate"
         o.http_method = "POST"
@@ -445,6 +502,7 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: InvalidTagException)
         o.errors << Shapes::ShapeRef.new(shape: TagPolicyException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ThrottlingException)
       end)
 
       api.add_operation(:renew_certificate, Seahorse::Model::Operation.new.tap do |o|