aws-sdk-acm 1.5.0 → 1.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2cc48ab0c2ab83b70257253bba7cbebe11305806
-  data.tar.gz: 71a01bb1d701b21ae07b76e3c173503f7853c1f8
+  metadata.gz: dc567d5eb818ef1f4cba9faabfd44c0169176987
+  data.tar.gz: 1f3ba818a819aa0478177180df0a773aa9813470
 SHA512:
-  metadata.gz: 6e3764b7e03ec56888c23bf10877a435f93dab68363de2aa7029ec963c2fe67fd51f56e358ec2b1b93564871fb18ec3e8cf54c962fe7a532882bec8dea9556bd
-  data.tar.gz: 4e977fb9d5d4d7fe77199d872925a12c4bed6f71c0c7e8fd13ff3bdb93e9301b3537a27b0dfadd37a9a85618e8378131bc2f59a57a8d3e25cbf23930ac055c21
+  metadata.gz: d1dc5a26af66c17c4900b36f35f5a6e3d4544e5312f90e5683b0e436573d907a301cfeecd4378bd36bcf3a287a9c4dbcb17ddc19598137d5035acfb69267e9e7
+  data.tar.gz: 2e0037beb949b7c9f7a96fd7164347fe5560e90c98690125b36d3743e5cc0841b5ebf3746ec59c0adbf2b9c1bf50e4cabadf80f7cff0288839c06fd635398d42

data/lib/aws-sdk-acm.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-acm/customizations'
 # @service
 module Aws::ACM
 
-  GEM_VERSION = '1.5.0'
+  GEM_VERSION = '1.6.0'
 
 end

data/lib/aws-sdk-acm/client.rb

@@ -177,7 +177,7 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/tags.html
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/tags.html
     #
     # @option params [required, String] :certificate_arn
     #   String that contains the ARN of the ACM certificate to which the tag
@@ -316,8 +316,8 @@ module Aws::ACM
     #   resp.certificate.signature_algorithm #=> String
     #   resp.certificate.in_use_by #=> Array
     #   resp.certificate.in_use_by[0] #=> String
-    #   resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "CAA_ERROR", "OTHER"
-    #   resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED"
+    #   resp.certificate.failure_reason #=> String, one of "NO_AVAILABLE_CONTACTS", "ADDITIONAL_VERIFICATION_REQUIRED", "DOMAIN_NOT_ALLOWED", "INVALID_PUBLIC_DOMAIN", "CAA_ERROR", "PCA_LIMIT_EXCEEDED", "PCA_INVALID_ARN", "PCA_INVALID_STATE", "PCA_REQUEST_FAILED", "PCA_RESOURCE_NOT_FOUND", "PCA_INVALID_ARGS", "OTHER"
+    #   resp.certificate.type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
     #   resp.certificate.renewal_summary.renewal_status #=> String, one of "PENDING_AUTO_RENEWAL", "PENDING_VALIDATION", "SUCCESS", "FAILED"
     #   resp.certificate.renewal_summary.domain_validation_options #=> Array
     #   resp.certificate.renewal_summary.domain_validation_options[0].domain_name #=> String
@@ -334,6 +334,8 @@ module Aws::ACM
     #   resp.certificate.extended_key_usages #=> Array
     #   resp.certificate.extended_key_usages[0].name #=> String, one of "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM"
     #   resp.certificate.extended_key_usages[0].oid #=> String
+    #   resp.certificate.certificate_authority_arn #=> String
+    #   resp.certificate.renewal_eligibility #=> String, one of "ELIGIBLE", "INELIGIBLE"
     #   resp.certificate.options.certificate_transparency_logging_preference #=> String, one of "ENABLED", "DISABLED"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/DescribeCertificate AWS API Documentation
@@ -345,6 +347,58 @@ module Aws::ACM
       req.send_request(options)
     end
 
+    # Exports a certificate for use anywhere. You can export the
+    # certificate, the certificate chain, and the encrypted private key
+    # associated with the public key embedded in the certificate. You must
+    # store the private key securely. The private key is a 2048 bit RSA key.
+    # You must provide a passphrase for the private key when exporting it.
+    # You can use the following OpenSSL command to decrypt it later. Provide
+    # the passphrase when prompted.
+    #
+    # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+    #
+    # @option params [required, String] :certificate_arn
+    #   An Amazon Resource Name (ARN) of the issued certificate. This must be
+    #   of the form:
+    #
+    #   `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
+    #
+    # @option params [required, String, IO] :passphrase
+    #   Passphrase to associate with the encrypted exported private key. If
+    #   you want to later decrypt the private key, you must have the
+    #   passphrase. You can use the following OpenSSL command to decrypt a
+    #   private key:
+    #
+    #   `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+    #
+    # @return [Types::ExportCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ExportCertificateResponse#certificate #certificate} => String
+    #   * {Types::ExportCertificateResponse#certificate_chain #certificate_chain} => String
+    #   * {Types::ExportCertificateResponse#private_key #private_key} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.export_certificate({
+    #     certificate_arn: "Arn", # required
+    #     passphrase: "data", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.certificate #=> String
+    #   resp.certificate_chain #=> String
+    #   resp.private_key #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ExportCertificate AWS API Documentation
+    #
+    # @overload export_certificate(params = {})
+    # @param [Hash] params ({})
+    def export_certificate(params = {}, options = {})
+      req = build_request(:export_certificate, params)
+      req.send_request(options)
+    end
+
     # Retrieves a certificate specified by an ARN and its certificate chain
     # . The chain is an ordered list of certificates that contains the end
     # entity certificate, intermediate certificates of subordinate CAs, and
@@ -443,9 +497,9 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-services.html
-    # [2]: http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
-    # [3]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-services.html
+    # [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/import-certificate.html
+    # [3]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
     # [4]: http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
     #
     # @option params [String] :certificate_arn
@@ -663,8 +717,8 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
-    # [2]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-dns.html
+    # [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-email.html
     #
     # @option params [required, String] :domain_name
     #   Fully qualified domain name (FQDN), such as www.example.com, of the
@@ -684,8 +738,8 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
-    #   [2]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-dns.html
+    #   [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-email.html
     #
     # @option params [Array<String>] :subject_alternative_names
     #   Additional FQDNs to be included in the Subject Alternative Name
@@ -715,7 +769,7 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-limits.html
     #
     # @option params [String] :idempotency_token
     #   Customer chosen string that can be used to distinguish between calls
@@ -740,7 +794,20 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-bestpractices.html#best-practices-transparency
+    #
+    # @option params [String] :certificate_authority_arn
+    #   The Amazon Resource Name (ARN) of the private certificate authority
+    #   (CA) that will be used to issue the certificate. For more information
+    #   about private CAs, see the [AWS Certificate Manager Private
+    #   Certificate Authority (PCA)][1] user guide. The ARN must have the
+    #   following form:
+    #
+    #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm-pca/latest/userguide/PcaWelcome.html
     #
     # @return [Types::RequestCertificateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -762,6 +829,7 @@ module Aws::ACM
     #     options: {
     #       certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
     #     },
+    #     certificate_authority_arn: "Arn",
     #   })
     #
     # @example Response structure
@@ -792,7 +860,7 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/setup-email.html
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/setup-email.html
     #
     # @option params [required, String] :certificate_arn
     #   String that contains the ARN of the requested certificate. The
@@ -853,7 +921,7 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-bestpractices.html#best-practices-transparency
     #
     # @option params [required, String] :certificate_arn
     #   ARN of the requested certificate to update. This must be of the form:
@@ -902,7 +970,7 @@ module Aws::ACM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acm'
-      context[:gem_version] = '1.5.0'
+      context[:gem_version] = '1.6.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-acm/client_api.rb

@@ -35,6 +35,8 @@ module Aws::ACM
     DomainValidationList = Shapes::ListShape.new(name: 'DomainValidationList')
     DomainValidationOption = Shapes::StructureShape.new(name: 'DomainValidationOption')
     DomainValidationOptionList = Shapes::ListShape.new(name: 'DomainValidationOptionList')
+    ExportCertificateRequest = Shapes::StructureShape.new(name: 'ExportCertificateRequest')
+    ExportCertificateResponse = Shapes::StructureShape.new(name: 'ExportCertificateResponse')
     ExtendedKeyUsage = Shapes::StructureShape.new(name: 'ExtendedKeyUsage')
     ExtendedKeyUsageFilterList = Shapes::ListShape.new(name: 'ExtendedKeyUsageFilterList')
     ExtendedKeyUsageList = Shapes::ListShape.new(name: 'ExtendedKeyUsageList')
@@ -64,9 +66,12 @@ module Aws::ACM
     ListTagsForCertificateResponse = Shapes::StructureShape.new(name: 'ListTagsForCertificateResponse')
     MaxItems = Shapes::IntegerShape.new(name: 'MaxItems')
     NextToken = Shapes::StringShape.new(name: 'NextToken')
+    PassphraseBlob = Shapes::BlobShape.new(name: 'PassphraseBlob')
+    PrivateKey = Shapes::StringShape.new(name: 'PrivateKey')
     PrivateKeyBlob = Shapes::BlobShape.new(name: 'PrivateKeyBlob')
     RecordType = Shapes::StringShape.new(name: 'RecordType')
     RemoveTagsFromCertificateRequest = Shapes::StructureShape.new(name: 'RemoveTagsFromCertificateRequest')
+    RenewalEligibility = Shapes::StringShape.new(name: 'RenewalEligibility')
     RenewalStatus = Shapes::StringShape.new(name: 'RenewalStatus')
     RenewalSummary = Shapes::StructureShape.new(name: 'RenewalSummary')
     RequestCertificateRequest = Shapes::StructureShape.new(name: 'RequestCertificateRequest')
@@ -115,6 +120,8 @@ module Aws::ACM
     CertificateDetail.add_member(:renewal_summary, Shapes::ShapeRef.new(shape: RenewalSummary, location_name: "RenewalSummary"))
     CertificateDetail.add_member(:key_usages, Shapes::ShapeRef.new(shape: KeyUsageList, location_name: "KeyUsages"))
     CertificateDetail.add_member(:extended_key_usages, Shapes::ShapeRef.new(shape: ExtendedKeyUsageList, location_name: "ExtendedKeyUsages"))
+    CertificateDetail.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
+    CertificateDetail.add_member(:renewal_eligibility, Shapes::ShapeRef.new(shape: RenewalEligibility, location_name: "RenewalEligibility"))
     CertificateDetail.add_member(:options, Shapes::ShapeRef.new(shape: CertificateOptions, location_name: "Options"))
     CertificateDetail.struct_class = Types::CertificateDetail
 
@@ -156,6 +163,15 @@ module Aws::ACM
 
     DomainValidationOptionList.member = Shapes::ShapeRef.new(shape: DomainValidationOption)
 
+    ExportCertificateRequest.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "CertificateArn"))
+    ExportCertificateRequest.add_member(:passphrase, Shapes::ShapeRef.new(shape: PassphraseBlob, required: true, location_name: "Passphrase"))
+    ExportCertificateRequest.struct_class = Types::ExportCertificateRequest
+
+    ExportCertificateResponse.add_member(:certificate, Shapes::ShapeRef.new(shape: CertificateBody, location_name: "Certificate"))
+    ExportCertificateResponse.add_member(:certificate_chain, Shapes::ShapeRef.new(shape: CertificateChain, location_name: "CertificateChain"))
+    ExportCertificateResponse.add_member(:private_key, Shapes::ShapeRef.new(shape: PrivateKey, location_name: "PrivateKey"))
+    ExportCertificateResponse.struct_class = Types::ExportCertificateResponse
+
     ExtendedKeyUsage.add_member(:name, Shapes::ShapeRef.new(shape: ExtendedKeyUsageName, location_name: "Name"))
     ExtendedKeyUsage.add_member(:oid, Shapes::ShapeRef.new(shape: String, location_name: "OID"))
     ExtendedKeyUsage.struct_class = Types::ExtendedKeyUsage
@@ -226,6 +242,7 @@ module Aws::ACM
     RequestCertificateRequest.add_member(:idempotency_token, Shapes::ShapeRef.new(shape: IdempotencyToken, location_name: "IdempotencyToken"))
     RequestCertificateRequest.add_member(:domain_validation_options, Shapes::ShapeRef.new(shape: DomainValidationOptionList, location_name: "DomainValidationOptions"))
     RequestCertificateRequest.add_member(:options, Shapes::ShapeRef.new(shape: CertificateOptions, location_name: "Options"))
+    RequestCertificateRequest.add_member(:certificate_authority_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateAuthorityArn"))
     RequestCertificateRequest.struct_class = Types::RequestCertificateRequest
 
     RequestCertificateResponse.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
@@ -301,6 +318,17 @@ module Aws::ACM
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
       end)
 
+      api.add_operation(:export_certificate, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ExportCertificate"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ExportCertificateRequest)
+        o.output = Shapes::ShapeRef.new(shape: ExportCertificateResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestInProgressException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
+      end)
+
       api.add_operation(:get_certificate, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetCertificate"
         o.http_method = "POST"
@@ -365,6 +393,7 @@ module Aws::ACM
         o.output = Shapes::ShapeRef.new(shape: RequestCertificateResponse)
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidDomainValidationOptionsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
       end)
 
       api.add_operation(:resend_validation_email, Seahorse::Model::Operation.new.tap do |o|
@@ -386,7 +415,6 @@ module Aws::ACM
         o.input = Shapes::ShapeRef.new(shape: UpdateCertificateOptionsRequest)
         o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)

data/lib/aws-sdk-acm/types.rb

@@ -152,7 +152,7 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/troubleshooting.html#troubleshooting-failed
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/troubleshooting.html#troubleshooting-failed
     #   @return [String]
     #
     # @!attribute [rw] type
@@ -166,8 +166,8 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
-    #   [2]: http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
+    #   [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/import-certificate.html
     #   @return [String]
     #
     # @!attribute [rw] renewal_summary
@@ -177,7 +177,7 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
     #   @return [Types::RenewalSummary]
     #
     # @!attribute [rw] key_usages
@@ -193,6 +193,18 @@ module Aws::ACM
     #   can be used and consists of a name and an object identifier (OID).
     #   @return [Array<Types::ExtendedKeyUsage>]
     #
+    # @!attribute [rw] certificate_authority_arn
+    #   The Amazon Resource Name (ARN) of the ACM PCA private certificate
+    #   authority (CA) that issued the certificate. This has the following
+    #   format:
+    #
+    #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
+    #   @return [String]
+    #
+    # @!attribute [rw] renewal_eligibility
+    #   Specifies whether the certificate is eligible for renewal.
+    #   @return [String]
+    #
     # @!attribute [rw] options
     #   Value that specifies whether to add the certificate to a
     #   transparency log. Certificate transparency makes it possible to
@@ -228,6 +240,8 @@ module Aws::ACM
       :renewal_summary,
       :key_usages,
       :extended_key_usages,
+      :certificate_authority_arn,
+      :renewal_eligibility,
       :options)
       include Aws::Structure
     end
@@ -243,7 +257,7 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-concepts.html#concept-transparency
     #
     # @note When making an API call, you may pass CertificateOptions
     #   data as a hash:
@@ -395,7 +409,7 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-dns.html
     #   @return [Types::ResourceRecord]
     #
     # @!attribute [rw] validation_method
@@ -457,6 +471,61 @@ module Aws::ACM
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ExportCertificateRequest
+    #   data as a hash:
+    #
+    #       {
+    #         certificate_arn: "Arn", # required
+    #         passphrase: "data", # required
+    #       }
+    #
+    # @!attribute [rw] certificate_arn
+    #   An Amazon Resource Name (ARN) of the issued certificate. This must
+    #   be of the form:
+    #
+    #   `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
+    #   @return [String]
+    #
+    # @!attribute [rw] passphrase
+    #   Passphrase to associate with the encrypted exported private key. If
+    #   you want to later decrypt the private key, you must have the
+    #   passphrase. You can use the following OpenSSL command to decrypt a
+    #   private key:
+    #
+    #   `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ExportCertificateRequest AWS API Documentation
+    #
+    class ExportCertificateRequest < Struct.new(
+      :certificate_arn,
+      :passphrase)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] certificate
+    #   The base64 PEM-encoded certificate.
+    #   @return [String]
+    #
+    # @!attribute [rw] certificate_chain
+    #   The base64 PEM-encoded certificate chain. This does not include the
+    #   certificate that you are exporting.
+    #   @return [String]
+    #
+    # @!attribute [rw] private_key
+    #   The PEM-encoded private key associated with the public key in the
+    #   certificate.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ExportCertificateResponse AWS API Documentation
+    #
+    class ExportCertificateResponse < Struct.new(
+      :certificate,
+      :certificate_chain,
+      :private_key)
+      include Aws::Structure
+    end
+
     # The Extended Key Usage X.509 v3 extension defines one or more purposes
     # for which the public key can be used. This is in addition to or in
     # place of the basic purposes specified by the Key Usage extension.
@@ -796,14 +865,14 @@ module Aws::ACM
     #
     #
     #
-    # [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    # [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
     #
     # @!attribute [rw] renewal_status
     #   The status of ACM's [managed renewal][1] of the certificate.
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
     #   @return [String]
     #
     # @!attribute [rw] domain_validation_options
@@ -815,7 +884,7 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-renewal.html
     #   @return [Array<Types::DomainValidation>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/RenewalSummary AWS API Documentation
@@ -843,6 +912,7 @@ module Aws::ACM
     #         options: {
     #           certificate_transparency_logging_preference: "ENABLED", # accepts ENABLED, DISABLED
     #         },
+    #         certificate_authority_arn: "Arn",
     #       }
     #
     # @!attribute [rw] domain_name
@@ -864,8 +934,8 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
-    #   [2]: http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-dns.html
+    #   [2]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/gs-acm-validate-email.html
     #   @return [String]
     #
     # @!attribute [rw] subject_alternative_names
@@ -896,7 +966,7 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-limits.html
     #   @return [Array<String>]
     #
     # @!attribute [rw] idempotency_token
@@ -925,9 +995,23 @@ module Aws::ACM
     #
     #
     #
-    #   [1]: http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm/latest/userguide/acm-bestpractices.html#best-practices-transparency
     #   @return [Types::CertificateOptions]
     #
+    # @!attribute [rw] certificate_authority_arn
+    #   The Amazon Resource Name (ARN) of the private certificate authority
+    #   (CA) that will be used to issue the certificate. For more
+    #   information about private CAs, see the [AWS Certificate Manager
+    #   Private Certificate Authority (PCA)][1] user guide. The ARN must
+    #   have the following form:
+    #
+    #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/http:/docs.aws.amazon.comacm-pca/latest/userguide/PcaWelcome.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/RequestCertificateRequest AWS API Documentation
     #
     class RequestCertificateRequest < Struct.new(
@@ -936,7 +1020,8 @@ module Aws::ACM
       :subject_alternative_names,
       :idempotency_token,
       :domain_validation_options,
-      :options)
+      :options,
+      :certificate_authority_arn)
       include Aws::Structure
     end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acm
 version: !ruby/object:Gem::Version
-  version: 1.5.0
+  version: 1.6.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-03-30 00:00:00.000000000 Z
+date: 2018-04-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core