aws-sdk-acm 1.50.0 → 1.52.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 07d4a359db044db2779df5af876734fe8fc6c56f856b1856cc862fca4a909968
4
- data.tar.gz: 347b7f8186b59d72ed250c43cf84a1f03813e4941e97ed66438fe8a4261332c2
3
+ metadata.gz: db6d2123b6e6ba15d6e7dd8ee6d1cdcf5f4ed1763312515e14a82cceb9770f95
4
+ data.tar.gz: 3b1ecb9a93394429f9c7da1edcfc23f350825e68091dc0f508432d1697a6b9e4
5
5
  SHA512:
6
- metadata.gz: ae8cac056d56d824ba33cc7dca0d754a24f3037fc03ec271b18265bc9e7e65f9ccf8c6cda543e28ee19f33b89c49f9243b53943556f396a6f0590b2683088e49
7
- data.tar.gz: 115436e3ca8d3869f10070358354becbf3e7b61188a8b79e3ffe46add55b3bc279c00bbf4e9de1f46d3427ec0ca9663fc11145601e70f913ecaa091b3d6f0de6
6
+ metadata.gz: bf6faad310ffde09e71b4d9cf8818018d8474caef6e998a2e21d97d92c5e65e39f9e2b66efe7c9e09f49d7cbfb4aa894c27c8a776b032e76d6b3b78ad0495990
7
+ data.tar.gz: 40611f93d2ac3be8a03e260e16b4ebdb9abbb357c68841bec060da59f5cd684e5bdaf349a1f08cde218ada48844e04708c820e7a28abdd90fe91ad380cf310ba
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.52.0 (2022-09-29)
5
+ ------------------
6
+
7
+ * Feature - This update returns additional certificate details such as certificate SANs and allows sorting in the ListCertificates API.
8
+
9
+ 1.51.0 (2022-02-24)
10
+ ------------------
11
+
12
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
13
+
4
14
  1.50.0 (2022-02-03)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.50.0
1
+ 1.52.0
@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
27
  require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
28
  require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
29
  require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
30
31
  require 'aws-sdk-core/plugins/defaults_mode.rb'
31
32
  require 'aws-sdk-core/plugins/recursion_detection.rb'
32
33
  require 'aws-sdk-core/plugins/signature_v4.rb'
@@ -75,6 +76,7 @@ module Aws::ACM
75
76
  add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
76
77
  add_plugin(Aws::Plugins::TransferEncoding)
77
78
  add_plugin(Aws::Plugins::HttpChecksum)
79
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
78
80
  add_plugin(Aws::Plugins::DefaultsMode)
79
81
  add_plugin(Aws::Plugins::RecursionDetection)
80
82
  add_plugin(Aws::Plugins::SignatureV4)
@@ -466,6 +468,10 @@ module Aws::ACM
466
468
 
467
469
  # Returns detailed metadata about the specified ACM certificate.
468
470
  #
471
+ # If you have just created a certificate using the `RequestCertificate`
472
+ # action, there is a delay of several seconds before you can retrieve
473
+ # information about it.
474
+ #
469
475
  # @option params [required, String] :certificate_arn
470
476
  # The Amazon Resource Name (ARN) of the ACM certificate. The ARN must
471
477
  # have the following form:
@@ -579,10 +585,17 @@ module Aws::ACM
579
585
  # `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
580
586
  #
581
587
  # @option params [required, String, StringIO, File] :passphrase
582
- # Passphrase to associate with the encrypted exported private key. If
583
- # you want to later decrypt the private key, you must have the
588
+ # Passphrase to associate with the encrypted exported private key.
589
+ #
590
+ # <note markdown="1"> When creating your passphrase, you can use any ASCII character except
591
+ # #, $, or %.
592
+ #
593
+ # </note>
594
+ #
595
+ # If you want to later decrypt the private key, you must have the
584
596
  # passphrase. You can use the following OpenSSL command to decrypt a
585
- # private key:
597
+ # private key. After entering the command, you are prompted for the
598
+ # passphrase.
586
599
  #
587
600
  # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
588
601
  #
@@ -681,15 +694,14 @@ module Aws::ACM
681
694
  req.send_request(options)
682
695
  end
683
696
 
684
- # Imports a certificate into Amazon Web Services Certificate Manager
685
- # (ACM) to use with services that are integrated with ACM. Note that
686
- # [integrated services][1] allow only certificate types and keys they
687
- # support to be associated with their resources. Further, their support
688
- # differs depending on whether the certificate is imported into IAM or
689
- # into ACM. For more information, see the documentation for each
690
- # service. For more information about importing certificates into ACM,
691
- # see [Importing Certificates][2] in the *Amazon Web Services
692
- # Certificate Manager User Guide*.
697
+ # Imports a certificate into Certificate Manager (ACM) to use with
698
+ # services that are integrated with ACM. Note that [integrated
699
+ # services][1] allow only certificate types and keys they support to be
700
+ # associated with their resources. Further, their support differs
701
+ # depending on whether the certificate is imported into IAM or into ACM.
702
+ # For more information, see the documentation for each service. For more
703
+ # information about importing certificates into ACM, see [Importing
704
+ # Certificates][2] in the *Certificate Manager User Guide*.
693
705
  #
694
706
  # <note markdown="1"> ACM does not provide [managed renewal][3] for certificates that you
695
707
  # import.
@@ -831,6 +843,14 @@ module Aws::ACM
831
843
  # response. Use this `NextToken` value in a subsequent request to
832
844
  # retrieve additional items.
833
845
  #
846
+ # @option params [String] :sort_by
847
+ # Specifies the field to sort results by. If you specify `SortBy`, you
848
+ # must also specify `SortOrder`.
849
+ #
850
+ # @option params [String] :sort_order
851
+ # Specifies the order of sorted results. If you specify `SortOrder`, you
852
+ # must also specify `SortBy`.
853
+ #
834
854
  # @return [Types::ListCertificatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
835
855
  #
836
856
  # * {Types::ListCertificatesResponse#next_token #next_token} => String
@@ -849,6 +869,8 @@ module Aws::ACM
849
869
  # },
850
870
  # next_token: "NextToken",
851
871
  # max_items: 1,
872
+ # sort_by: "CREATED_AT", # accepts CREATED_AT
873
+ # sort_order: "ASCENDING", # accepts ASCENDING, DESCENDING
852
874
  # })
853
875
  #
854
876
  # @example Response structure
@@ -857,6 +879,25 @@ module Aws::ACM
857
879
  # resp.certificate_summary_list #=> Array
858
880
  # resp.certificate_summary_list[0].certificate_arn #=> String
859
881
  # resp.certificate_summary_list[0].domain_name #=> String
882
+ # resp.certificate_summary_list[0].subject_alternative_name_summaries #=> Array
883
+ # resp.certificate_summary_list[0].subject_alternative_name_summaries[0] #=> String
884
+ # resp.certificate_summary_list[0].has_additional_subject_alternative_names #=> Boolean
885
+ # resp.certificate_summary_list[0].status #=> String, one of "PENDING_VALIDATION", "ISSUED", "INACTIVE", "EXPIRED", "VALIDATION_TIMED_OUT", "REVOKED", "FAILED"
886
+ # resp.certificate_summary_list[0].type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
887
+ # resp.certificate_summary_list[0].key_algorithm #=> String, one of "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
888
+ # resp.certificate_summary_list[0].key_usages #=> Array
889
+ # resp.certificate_summary_list[0].key_usages[0] #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
890
+ # resp.certificate_summary_list[0].extended_key_usages #=> Array
891
+ # resp.certificate_summary_list[0].extended_key_usages[0] #=> String, one of "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM"
892
+ # resp.certificate_summary_list[0].in_use #=> Boolean
893
+ # resp.certificate_summary_list[0].exported #=> Boolean
894
+ # resp.certificate_summary_list[0].renewal_eligibility #=> String, one of "ELIGIBLE", "INELIGIBLE"
895
+ # resp.certificate_summary_list[0].not_before #=> Time
896
+ # resp.certificate_summary_list[0].not_after #=> Time
897
+ # resp.certificate_summary_list[0].created_at #=> Time
898
+ # resp.certificate_summary_list[0].issued_at #=> Time
899
+ # resp.certificate_summary_list[0].imported_at #=> Time
900
+ # resp.certificate_summary_list[0].revoked_at #=> Time
860
901
  #
861
902
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ListCertificates AWS API Documentation
862
903
  #
@@ -1000,9 +1041,9 @@ module Aws::ACM
1000
1041
 
1001
1042
  # Renews an eligible ACM certificate. At this time, only exported
1002
1043
  # private certificates can be renewed with this operation. In order to
1003
- # renew your ACM PCA certificates with ACM, you must first [grant the
1004
- # ACM service principal permission to do so][1]. For more information,
1005
- # see [Testing Managed Renewal][2] in the ACM User Guide.
1044
+ # renew your ACM Private CA certificates with ACM, you must first [grant
1045
+ # the ACM service principal permission to do so][1]. For more
1046
+ # information, see [Testing Managed Renewal][2] in the ACM User Guide.
1006
1047
  #
1007
1048
  #
1008
1049
  #
@@ -1052,19 +1093,21 @@ module Aws::ACM
1052
1093
  # We recommend that you use DNS validation. ACM issues public
1053
1094
  # certificates after receiving approval from the domain owner.
1054
1095
  #
1055
- # <note markdown="1"> ACM behavior differs from the
1056
- # [https://tools.ietf.org/html/rfc6125#appendix-B.2][3]RFC 6125
1057
- # specification of the certificate validation process. first checks for
1058
- # a subject alternative name, and, if it finds one, ignores the common
1059
- # name (CN)
1096
+ # <note markdown="1"> ACM behavior differs from the [RFC 6125][3] specification of the
1097
+ # certificate validation process. ACM first checks for a Subject
1098
+ # Alternative Name, and, if it finds one, ignores the common name (CN).
1060
1099
  #
1061
1100
  # </note>
1062
1101
  #
1102
+ # After successful completion of the `RequestCertificate` action, there
1103
+ # is a delay of several seconds before you can retrieve information
1104
+ # about the new certificate.
1105
+ #
1063
1106
  #
1064
1107
  #
1065
1108
  # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
1066
1109
  # [2]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
1067
- # [3]: https://tools.ietf.org/html/rfc6125#appendix-B.2
1110
+ # [3]: https://datatracker.ietf.org/doc/html/rfc6125#appendix-B.2
1068
1111
  #
1069
1112
  # @option params [required, String] :domain_name
1070
1113
  # Fully qualified domain name (FQDN), such as www.example.com, that you
@@ -1073,9 +1116,15 @@ module Aws::ACM
1073
1116
  # For example, *.example.com protects www.example.com,
1074
1117
  # site.example.com, and images.example.com.
1075
1118
  #
1076
- # The first domain name you enter cannot exceed 64 octets, including
1077
- # periods. Each subsequent Subject Alternative Name (SAN), however, can
1078
- # be up to 253 octets in length.
1119
+ # In compliance with [RFC 5280][1], the length of the domain name
1120
+ # (technically, the Common Name) that you provide cannot exceed 64
1121
+ # octets (characters), including periods. To add a longer domain name,
1122
+ # specify it in the Subject Alternative Name field, which supports names
1123
+ # up to 253 octets in length.
1124
+ #
1125
+ #
1126
+ #
1127
+ # [1]: https://datatracker.ietf.org/doc/html/rfc5280
1079
1128
  #
1080
1129
  # @option params [String] :validation_method
1081
1130
  # The method you want to use if you are requesting a public certificate
@@ -1148,9 +1197,8 @@ module Aws::ACM
1148
1197
  # (CA) that will be used to issue the certificate. If you do not provide
1149
1198
  # an ARN and you are trying to request a private certificate, ACM will
1150
1199
  # attempt to issue a public certificate. For more information about
1151
- # private CAs, see the [Amazon Web Services Certificate Manager Private
1152
- # Certificate Authority (PCA)][1] user guide. The ARN must have the
1153
- # following form:
1200
+ # private CAs, see the [Certificate Manager Private Certificate
1201
+ # Authority][1] user guide. The ARN must have the following form:
1154
1202
  #
1155
1203
  # `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
1156
1204
  #
@@ -1328,7 +1376,7 @@ module Aws::ACM
1328
1376
  params: params,
1329
1377
  config: config)
1330
1378
  context[:gem_name] = 'aws-sdk-acm'
1331
- context[:gem_version] = '1.50.0'
1379
+ context[:gem_version] = '1.52.0'
1332
1380
  Seahorse::Client::Request.new(handlers, context)
1333
1381
  end
1334
1382
 
@@ -47,6 +47,7 @@ module Aws::ACM
47
47
  ExtendedKeyUsageFilterList = Shapes::ListShape.new(name: 'ExtendedKeyUsageFilterList')
48
48
  ExtendedKeyUsageList = Shapes::ListShape.new(name: 'ExtendedKeyUsageList')
49
49
  ExtendedKeyUsageName = Shapes::StringShape.new(name: 'ExtendedKeyUsageName')
50
+ ExtendedKeyUsageNames = Shapes::ListShape.new(name: 'ExtendedKeyUsageNames')
50
51
  FailureReason = Shapes::StringShape.new(name: 'FailureReason')
51
52
  Filters = Shapes::StructureShape.new(name: 'Filters')
52
53
  GetAccountConfigurationResponse = Shapes::StructureShape.new(name: 'GetAccountConfigurationResponse')
@@ -68,6 +69,7 @@ module Aws::ACM
68
69
  KeyUsageFilterList = Shapes::ListShape.new(name: 'KeyUsageFilterList')
69
70
  KeyUsageList = Shapes::ListShape.new(name: 'KeyUsageList')
70
71
  KeyUsageName = Shapes::StringShape.new(name: 'KeyUsageName')
72
+ KeyUsageNames = Shapes::ListShape.new(name: 'KeyUsageNames')
71
73
  LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
72
74
  ListCertificatesRequest = Shapes::StructureShape.new(name: 'ListCertificatesRequest')
73
75
  ListCertificatesResponse = Shapes::StructureShape.new(name: 'ListCertificatesResponse')
@@ -75,6 +77,7 @@ module Aws::ACM
75
77
  ListTagsForCertificateResponse = Shapes::StructureShape.new(name: 'ListTagsForCertificateResponse')
76
78
  MaxItems = Shapes::IntegerShape.new(name: 'MaxItems')
77
79
  NextToken = Shapes::StringShape.new(name: 'NextToken')
80
+ NullableBoolean = Shapes::BooleanShape.new(name: 'NullableBoolean')
78
81
  PassphraseBlob = Shapes::BlobShape.new(name: 'PassphraseBlob')
79
82
  PositiveInteger = Shapes::IntegerShape.new(name: 'PositiveInteger')
80
83
  PrivateKey = Shapes::StringShape.new(name: 'PrivateKey')
@@ -95,6 +98,8 @@ module Aws::ACM
95
98
  ResourceRecord = Shapes::StructureShape.new(name: 'ResourceRecord')
96
99
  RevocationReason = Shapes::StringShape.new(name: 'RevocationReason')
97
100
  ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
101
+ SortBy = Shapes::StringShape.new(name: 'SortBy')
102
+ SortOrder = Shapes::StringShape.new(name: 'SortOrder')
98
103
  String = Shapes::StringShape.new(name: 'String')
99
104
  TStamp = Shapes::TimestampShape.new(name: 'TStamp')
100
105
  Tag = Shapes::StructureShape.new(name: 'Tag')
@@ -152,6 +157,22 @@ module Aws::ACM
152
157
 
153
158
  CertificateSummary.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
154
159
  CertificateSummary.add_member(:domain_name, Shapes::ShapeRef.new(shape: DomainNameString, location_name: "DomainName"))
160
+ CertificateSummary.add_member(:subject_alternative_name_summaries, Shapes::ShapeRef.new(shape: DomainList, location_name: "SubjectAlternativeNameSummaries"))
161
+ CertificateSummary.add_member(:has_additional_subject_alternative_names, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "HasAdditionalSubjectAlternativeNames", metadata: {"box"=>true}))
162
+ CertificateSummary.add_member(:status, Shapes::ShapeRef.new(shape: CertificateStatus, location_name: "Status"))
163
+ CertificateSummary.add_member(:type, Shapes::ShapeRef.new(shape: CertificateType, location_name: "Type"))
164
+ CertificateSummary.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: KeyAlgorithm, location_name: "KeyAlgorithm"))
165
+ CertificateSummary.add_member(:key_usages, Shapes::ShapeRef.new(shape: KeyUsageNames, location_name: "KeyUsages"))
166
+ CertificateSummary.add_member(:extended_key_usages, Shapes::ShapeRef.new(shape: ExtendedKeyUsageNames, location_name: "ExtendedKeyUsages"))
167
+ CertificateSummary.add_member(:in_use, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "InUse", metadata: {"box"=>true}))
168
+ CertificateSummary.add_member(:exported, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "Exported", metadata: {"box"=>true}))
169
+ CertificateSummary.add_member(:renewal_eligibility, Shapes::ShapeRef.new(shape: RenewalEligibility, location_name: "RenewalEligibility"))
170
+ CertificateSummary.add_member(:not_before, Shapes::ShapeRef.new(shape: TStamp, location_name: "NotBefore"))
171
+ CertificateSummary.add_member(:not_after, Shapes::ShapeRef.new(shape: TStamp, location_name: "NotAfter"))
172
+ CertificateSummary.add_member(:created_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedAt"))
173
+ CertificateSummary.add_member(:issued_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "IssuedAt"))
174
+ CertificateSummary.add_member(:imported_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "ImportedAt"))
175
+ CertificateSummary.add_member(:revoked_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "RevokedAt"))
155
176
  CertificateSummary.struct_class = Types::CertificateSummary
156
177
 
157
178
  CertificateSummaryList.member = Shapes::ShapeRef.new(shape: CertificateSummary)
@@ -206,6 +227,8 @@ module Aws::ACM
206
227
 
207
228
  ExtendedKeyUsageList.member = Shapes::ShapeRef.new(shape: ExtendedKeyUsage)
208
229
 
230
+ ExtendedKeyUsageNames.member = Shapes::ShapeRef.new(shape: ExtendedKeyUsageName)
231
+
209
232
  Filters.add_member(:extended_key_usage, Shapes::ShapeRef.new(shape: ExtendedKeyUsageFilterList, location_name: "extendedKeyUsage"))
210
233
  Filters.add_member(:key_usage, Shapes::ShapeRef.new(shape: KeyUsageFilterList, location_name: "keyUsage"))
211
234
  Filters.add_member(:key_types, Shapes::ShapeRef.new(shape: KeyAlgorithmList, location_name: "keyTypes"))
@@ -260,6 +283,8 @@ module Aws::ACM
260
283
 
261
284
  KeyUsageList.member = Shapes::ShapeRef.new(shape: KeyUsage)
262
285
 
286
+ KeyUsageNames.member = Shapes::ShapeRef.new(shape: KeyUsageName)
287
+
263
288
  LimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
264
289
  LimitExceededException.struct_class = Types::LimitExceededException
265
290
 
@@ -267,6 +292,8 @@ module Aws::ACM
267
292
  ListCertificatesRequest.add_member(:includes, Shapes::ShapeRef.new(shape: Filters, location_name: "Includes"))
268
293
  ListCertificatesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
269
294
  ListCertificatesRequest.add_member(:max_items, Shapes::ShapeRef.new(shape: MaxItems, location_name: "MaxItems"))
295
+ ListCertificatesRequest.add_member(:sort_by, Shapes::ShapeRef.new(shape: SortBy, location_name: "SortBy"))
296
+ ListCertificatesRequest.add_member(:sort_order, Shapes::ShapeRef.new(shape: SortOrder, location_name: "SortOrder"))
270
297
  ListCertificatesRequest.struct_class = Types::ListCertificatesRequest
271
298
 
272
299
  ListCertificatesResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
@@ -120,12 +120,27 @@ module Aws::ACM
120
120
  # @return [Time]
121
121
  #
122
122
  # @!attribute [rw] imported_at
123
- # The date and time at which the certificate was imported. This value
123
+ # The date and time when the certificate was imported. This value
124
124
  # exists only when the certificate type is `IMPORTED`.
125
125
  # @return [Time]
126
126
  #
127
127
  # @!attribute [rw] status
128
128
  # The status of the certificate.
129
+ #
130
+ # A certificate enters status PENDING\_VALIDATION upon being
131
+ # requested, unless it fails for any of the reasons given in the
132
+ # troubleshooting topic [Certificate request fails][1]. ACM makes
133
+ # repeated attempts to validate a certificate for 72 hours and then
134
+ # times out. If a certificate shows status FAILED or
135
+ # VALIDATION\_TIMED\_OUT, delete the request, correct the issue with
136
+ # [DNS validation][2] or [Email validation][3], and try again. If
137
+ # validation succeeds, the certificate enters status ISSUED.
138
+ #
139
+ #
140
+ #
141
+ # [1]: https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html
142
+ # [2]: https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
143
+ # [3]: https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
129
144
  # @return [String]
130
145
  #
131
146
  # @!attribute [rw] revoked_at
@@ -163,8 +178,8 @@ module Aws::ACM
163
178
  # @!attribute [rw] failure_reason
164
179
  # The reason the certificate request failed. This value exists only
165
180
  # when the certificate status is `FAILED`. For more information, see
166
- # [Certificate Request Failed][1] in the *Amazon Web Services
167
- # Certificate Manager User Guide*.
181
+ # [Certificate Request Failed][1] in the *Certificate Manager User
182
+ # Guide*.
168
183
  #
169
184
  #
170
185
  #
@@ -178,7 +193,7 @@ module Aws::ACM
178
193
  # provide [managed renewal][1] for imported certificates. For more
179
194
  # information about the differences between certificates that you
180
195
  # import and those that ACM provides, see [Importing Certificates][2]
181
- # in the *Amazon Web Services Certificate Manager User Guide*.
196
+ # in the *Certificate Manager User Guide*.
182
197
  #
183
198
  #
184
199
  #
@@ -210,9 +225,8 @@ module Aws::ACM
210
225
  # @return [Array<Types::ExtendedKeyUsage>]
211
226
  #
212
227
  # @!attribute [rw] certificate_authority_arn
213
- # The Amazon Resource Name (ARN) of the ACM PCA private certificate
214
- # authority (CA) that issued the certificate. This has the following
215
- # format:
228
+ # The Amazon Resource Name (ARN) of the private certificate authority
229
+ # (CA) that issued the certificate. This has the following format:
216
230
  #
217
231
  # `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
218
232
  # @return [String]
@@ -319,11 +333,155 @@ module Aws::ACM
319
333
  # example.com, for the certificate.
320
334
  # @return [String]
321
335
  #
336
+ # @!attribute [rw] subject_alternative_name_summaries
337
+ # One or more domain names (subject alternative names) included in the
338
+ # certificate. This list contains the domain names that are bound to
339
+ # the public key that is contained in the certificate. The subject
340
+ # alternative names include the canonical domain name (CN) of the
341
+ # certificate and additional domain names that can be used to connect
342
+ # to the website.
343
+ #
344
+ # When called by [ListCertificates][1], this parameter will only
345
+ # return the first 100 subject alternative names included in the
346
+ # certificate. To display the full list of subject alternative names,
347
+ # use [DescribeCertificate][2].
348
+ #
349
+ #
350
+ #
351
+ # [1]: https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html
352
+ # [2]: https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html
353
+ # @return [Array<String>]
354
+ #
355
+ # @!attribute [rw] has_additional_subject_alternative_names
356
+ # When called by [ListCertificates][1], indicates whether the full
357
+ # list of subject alternative names has been included in the response.
358
+ # If false, the response includes all of the subject alternative names
359
+ # included in the certificate. If true, the response only includes the
360
+ # first 100 subject alternative names included in the certificate. To
361
+ # display the full list of subject alternative names, use
362
+ # [DescribeCertificate][2].
363
+ #
364
+ #
365
+ #
366
+ # [1]: https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html
367
+ # [2]: https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html
368
+ # @return [Boolean]
369
+ #
370
+ # @!attribute [rw] status
371
+ # The status of the certificate.
372
+ #
373
+ # A certificate enters status PENDING\_VALIDATION upon being
374
+ # requested, unless it fails for any of the reasons given in the
375
+ # troubleshooting topic [Certificate request fails][1]. ACM makes
376
+ # repeated attempts to validate a certificate for 72 hours and then
377
+ # times out. If a certificate shows status FAILED or
378
+ # VALIDATION\_TIMED\_OUT, delete the request, correct the issue with
379
+ # [DNS validation][2] or [Email validation][3], and try again. If
380
+ # validation succeeds, the certificate enters status ISSUED.
381
+ #
382
+ #
383
+ #
384
+ # [1]: https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html
385
+ # [2]: https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
386
+ # [3]: https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
387
+ # @return [String]
388
+ #
389
+ # @!attribute [rw] type
390
+ # The source of the certificate. For certificates provided by ACM,
391
+ # this value is `AMAZON_ISSUED`. For certificates that you imported
392
+ # with ImportCertificate, this value is `IMPORTED`. ACM does not
393
+ # provide [managed renewal][1] for imported certificates. For more
394
+ # information about the differences between certificates that you
395
+ # import and those that ACM provides, see [Importing Certificates][2]
396
+ # in the *Certificate Manager User Guide*.
397
+ #
398
+ #
399
+ #
400
+ # [1]: https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
401
+ # [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
402
+ # @return [String]
403
+ #
404
+ # @!attribute [rw] key_algorithm
405
+ # The algorithm that was used to generate the public-private key pair.
406
+ # @return [String]
407
+ #
408
+ # @!attribute [rw] key_usages
409
+ # A list of Key Usage X.509 v3 extension objects. Each object is a
410
+ # string value that identifies the purpose of the public key contained
411
+ # in the certificate. Possible extension values include
412
+ # DIGITAL\_SIGNATURE, KEY\_ENCHIPHERMENT, NON\_REPUDIATION, and more.
413
+ # @return [Array<String>]
414
+ #
415
+ # @!attribute [rw] extended_key_usages
416
+ # Contains a list of Extended Key Usage X.509 v3 extension objects.
417
+ # Each object specifies a purpose for which the certificate public key
418
+ # can be used and consists of a name and an object identifier (OID).
419
+ # @return [Array<String>]
420
+ #
421
+ # @!attribute [rw] in_use
422
+ # Indicates whether the certificate is currently in use by any Amazon
423
+ # Web Services resources.
424
+ # @return [Boolean]
425
+ #
426
+ # @!attribute [rw] exported
427
+ # Indicates whether the certificate has been exported. This value
428
+ # exists only when the certificate type is `PRIVATE`.
429
+ # @return [Boolean]
430
+ #
431
+ # @!attribute [rw] renewal_eligibility
432
+ # Specifies whether the certificate is eligible for renewal. At this
433
+ # time, only exported private certificates can be renewed with the
434
+ # RenewCertificate command.
435
+ # @return [String]
436
+ #
437
+ # @!attribute [rw] not_before
438
+ # The time before which the certificate is not valid.
439
+ # @return [Time]
440
+ #
441
+ # @!attribute [rw] not_after
442
+ # The time after which the certificate is not valid.
443
+ # @return [Time]
444
+ #
445
+ # @!attribute [rw] created_at
446
+ # The time at which the certificate was requested.
447
+ # @return [Time]
448
+ #
449
+ # @!attribute [rw] issued_at
450
+ # The time at which the certificate was issued. This value exists only
451
+ # when the certificate type is `AMAZON_ISSUED`.
452
+ # @return [Time]
453
+ #
454
+ # @!attribute [rw] imported_at
455
+ # The date and time when the certificate was imported. This value
456
+ # exists only when the certificate type is `IMPORTED`.
457
+ # @return [Time]
458
+ #
459
+ # @!attribute [rw] revoked_at
460
+ # The time at which the certificate was revoked. This value exists
461
+ # only when the certificate status is `REVOKED`.
462
+ # @return [Time]
463
+ #
322
464
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/CertificateSummary AWS API Documentation
323
465
  #
324
466
  class CertificateSummary < Struct.new(
325
467
  :certificate_arn,
326
- :domain_name)
468
+ :domain_name,
469
+ :subject_alternative_name_summaries,
470
+ :has_additional_subject_alternative_names,
471
+ :status,
472
+ :type,
473
+ :key_algorithm,
474
+ :key_usages,
475
+ :extended_key_usages,
476
+ :in_use,
477
+ :exported,
478
+ :renewal_eligibility,
479
+ :not_before,
480
+ :not_after,
481
+ :created_at,
482
+ :issued_at,
483
+ :imported_at,
484
+ :revoked_at)
327
485
  SENSITIVE = []
328
486
  include Aws::Structure
329
487
  end
@@ -560,10 +718,17 @@ module Aws::ACM
560
718
  # @return [String]
561
719
  #
562
720
  # @!attribute [rw] passphrase
563
- # Passphrase to associate with the encrypted exported private key. If
564
- # you want to later decrypt the private key, you must have the
721
+ # Passphrase to associate with the encrypted exported private key.
722
+ #
723
+ # <note markdown="1"> When creating your passphrase, you can use any ASCII character
724
+ # except #, $, or %.
725
+ #
726
+ # </note>
727
+ #
728
+ # If you want to later decrypt the private key, you must have the
565
729
  # passphrase. You can use the following OpenSSL command to decrypt a
566
- # private key:
730
+ # private key. After entering the command, you are prompted for the
731
+ # passphrase.
567
732
  #
568
733
  # `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
569
734
  # @return [String]
@@ -671,7 +836,7 @@ module Aws::ACM
671
836
  # certificates that have at least one domain. To return other
672
837
  # certificate types, provide the desired type signatures in a
673
838
  # comma-separated list. For example, `"keyTypes":
674
- # ["RSA_2048,RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
839
+ # ["RSA_2048","RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
675
840
  # certificates.
676
841
  # @return [Array<String>]
677
842
  #
@@ -940,6 +1105,8 @@ module Aws::ACM
940
1105
  # },
941
1106
  # next_token: "NextToken",
942
1107
  # max_items: 1,
1108
+ # sort_by: "CREATED_AT", # accepts CREATED_AT
1109
+ # sort_order: "ASCENDING", # accepts ASCENDING, DESCENDING
943
1110
  # }
944
1111
  #
945
1112
  # @!attribute [rw] certificate_statuses
@@ -966,13 +1133,25 @@ module Aws::ACM
966
1133
  # retrieve additional items.
967
1134
  # @return [Integer]
968
1135
  #
1136
+ # @!attribute [rw] sort_by
1137
+ # Specifies the field to sort results by. If you specify `SortBy`, you
1138
+ # must also specify `SortOrder`.
1139
+ # @return [String]
1140
+ #
1141
+ # @!attribute [rw] sort_order
1142
+ # Specifies the order of sorted results. If you specify `SortOrder`,
1143
+ # you must also specify `SortBy`.
1144
+ # @return [String]
1145
+ #
969
1146
  # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ListCertificatesRequest AWS API Documentation
970
1147
  #
971
1148
  class ListCertificatesRequest < Struct.new(
972
1149
  :certificate_statuses,
973
1150
  :includes,
974
1151
  :next_token,
975
- :max_items)
1152
+ :max_items,
1153
+ :sort_by,
1154
+ :sort_order)
976
1155
  SENSITIVE = []
977
1156
  include Aws::Structure
978
1157
  end
@@ -1218,9 +1397,15 @@ module Aws::ACM
1218
1397
  # same domain. For example, *.example.com protects www.example.com,
1219
1398
  # site.example.com, and images.example.com.
1220
1399
  #
1221
- # The first domain name you enter cannot exceed 64 octets, including
1222
- # periods. Each subsequent Subject Alternative Name (SAN), however,
1223
- # can be up to 253 octets in length.
1400
+ # In compliance with [RFC 5280][1], the length of the domain name
1401
+ # (technically, the Common Name) that you provide cannot exceed 64
1402
+ # octets (characters), including periods. To add a longer domain name,
1403
+ # specify it in the Subject Alternative Name field, which supports
1404
+ # names up to 253 octets in length.
1405
+ #
1406
+ #
1407
+ #
1408
+ # [1]: https://datatracker.ietf.org/doc/html/rfc5280
1224
1409
  # @return [String]
1225
1410
  #
1226
1411
  # @!attribute [rw] validation_method
@@ -1300,9 +1485,8 @@ module Aws::ACM
1300
1485
  # (CA) that will be used to issue the certificate. If you do not
1301
1486
  # provide an ARN and you are trying to request a private certificate,
1302
1487
  # ACM will attempt to issue a public certificate. For more information
1303
- # about private CAs, see the [Amazon Web Services Certificate Manager
1304
- # Private Certificate Authority (PCA)][1] user guide. The ARN must
1305
- # have the following form:
1488
+ # about private CAs, see the [Certificate Manager Private Certificate
1489
+ # Authority][1] user guide. The ARN must have the following form:
1306
1490
  #
1307
1491
  # `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
1308
1492
  #
data/lib/aws-sdk-acm.rb CHANGED
@@ -49,6 +49,6 @@ require_relative 'aws-sdk-acm/customizations'
49
49
  # @!group service
50
50
  module Aws::ACM
51
51
 
52
- GEM_VERSION = '1.50.0'
52
+ GEM_VERSION = '1.52.0'
53
53
 
54
54
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-acm
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.50.0
4
+ version: 1.52.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-02-03 00:00:00.000000000 Z
11
+ date: 2022-09-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '3'
20
20
  - - ">="
21
21
  - !ruby/object:Gem::Version
22
- version: 3.126.0
22
+ version: 3.127.0
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '3'
30
30
  - - ">="
31
31
  - !ruby/object:Gem::Version
32
- version: 3.126.0
32
+ version: 3.127.0
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: aws-sigv4
35
35
  requirement: !ruby/object:Gem::Requirement