aws-sdk-acm 1.51.0 → 1.53.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 913896ae7a069734051c3ef60f44db29225f87d75fbe0c571895ab69ffd8e486
-  data.tar.gz: a62b762978d0e1cba90b37928f374de4949464308ea96ffcd6b7e8023dcd7666
+  metadata.gz: d40f231cc976aae38e21848b5e67991e6ea65b358eb032d99d7b87a0b246ce65
+  data.tar.gz: df1771e3a3e00edf015c00c3043e3ef9810b3ad01674414868d40c3d88067657
 SHA512:
-  metadata.gz: a6bd487e6d40855eb724c08ef8a4bdc8e99563aae3578752dc5f36871bc9ab5419657dd6f914e7a8b70ac9603691517579c6aab511783c3ba0ea8fd92540d30b
-  data.tar.gz: 9d4f7b888cd376c94e4ec8a69b414fe95bf5b8da99e271702b6773606b22c5f672548c525164ce7073704c3042f243f722df0f8ea2aeea56d1d65252f2303aa8
+  metadata.gz: e0e1788365a14476e749d8a5a5df200237ccf97b1d8c9a892fb913fad5ab4a5ae6c521c64fc939a46a8218c65e67ccdc98742cc40a7760819ba30746e38e2cc1
+  data.tar.gz: c27445af49d323b48952579b1db87a2bd5f4f10c791d1a2531228e40cde7c01bb6a2d87426fa2ffa46ba7dd0868befd0416a64eeb793e21e100b4cda5f0b4df9

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.53.0 (2022-10-25)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.52.0 (2022-09-29)
+------------------
+
+* Feature - This update returns additional certificate details such as certificate SANs and allows sorting in the ListCertificates API.
+
 1.51.0 (2022-02-24)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.51.0
+1.53.0

data/lib/aws-sdk-acm/client.rb

@@ -30,7 +30,7 @@ require 'aws-sdk-core/plugins/http_checksum.rb'
 require 'aws-sdk-core/plugins/checksum_algorithm.rb'
 require 'aws-sdk-core/plugins/defaults_mode.rb'
 require 'aws-sdk-core/plugins/recursion_detection.rb'
-require 'aws-sdk-core/plugins/signature_v4.rb'
+require 'aws-sdk-core/plugins/sign.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:acm)
@@ -79,8 +79,9 @@ module Aws::ACM
     add_plugin(Aws::Plugins::ChecksumAlgorithm)
     add_plugin(Aws::Plugins::DefaultsMode)
     add_plugin(Aws::Plugins::RecursionDetection)
-    add_plugin(Aws::Plugins::SignatureV4)
+    add_plugin(Aws::Plugins::Sign)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
+    add_plugin(Aws::ACM::Plugins::Endpoints)
 
     # @overload initialize(options)
     #   @param [Hash] options
@@ -297,6 +298,19 @@ module Aws::ACM
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Aws::TokenProvider] :token_provider
+    #     A Bearer Token Provider. This can be an instance of any one of the
+    #     following classes:
+    #
+    #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+    #       tokens.
+    #
+    #     * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+    #     will be used to search for tokens configured for your profile in shared configuration files.
+    #
     #   @option options [Boolean] :use_dualstack_endpoint
     #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
     #     will be used if available.
@@ -310,6 +324,9 @@ module Aws::ACM
     #     When `true`, request parameters are validated before
     #     sending the request.
     #
+    #   @option options [Aws::ACM::EndpointProvider] :endpoint_provider
+    #     The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::ACM::EndpointParameters`
+    #
     #   @option options [URI::HTTP,String] :http_proxy A proxy to send
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
@@ -468,6 +485,10 @@ module Aws::ACM
 
     # Returns detailed metadata about the specified ACM certificate.
     #
+    # If you have just created a certificate using the `RequestCertificate`
+    # action, there is a delay of several seconds before you can retrieve
+    # information about it.
+    #
     # @option params [required, String] :certificate_arn
     #   The Amazon Resource Name (ARN) of the ACM certificate. The ARN must
     #   have the following form:
@@ -581,10 +602,17 @@ module Aws::ACM
     #   `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
     #
     # @option params [required, String, StringIO, File] :passphrase
-    #   Passphrase to associate with the encrypted exported private key. If
-    #   you want to later decrypt the private key, you must have the
+    #   Passphrase to associate with the encrypted exported private key.
+    #
+    #   <note markdown="1"> When creating your passphrase, you can use any ASCII character except
+    #   #, $, or %.
+    #
+    #    </note>
+    #
+    #   If you want to later decrypt the private key, you must have the
     #   passphrase. You can use the following OpenSSL command to decrypt a
-    #   private key:
+    #   private key. After entering the command, you are prompted for the
+    #   passphrase.
     #
     #   `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
     #
@@ -683,15 +711,14 @@ module Aws::ACM
       req.send_request(options)
     end
 
-    # Imports a certificate into Amazon Web Services Certificate Manager
-    # (ACM) to use with services that are integrated with ACM. Note that
-    # [integrated services][1] allow only certificate types and keys they
-    # support to be associated with their resources. Further, their support
-    # differs depending on whether the certificate is imported into IAM or
-    # into ACM. For more information, see the documentation for each
-    # service. For more information about importing certificates into ACM,
-    # see [Importing Certificates][2] in the *Amazon Web Services
-    # Certificate Manager User Guide*.
+    # Imports a certificate into Certificate Manager (ACM) to use with
+    # services that are integrated with ACM. Note that [integrated
+    # services][1] allow only certificate types and keys they support to be
+    # associated with their resources. Further, their support differs
+    # depending on whether the certificate is imported into IAM or into ACM.
+    # For more information, see the documentation for each service. For more
+    # information about importing certificates into ACM, see [Importing
+    # Certificates][2] in the *Certificate Manager User Guide*.
     #
     # <note markdown="1"> ACM does not provide [managed renewal][3] for certificates that you
     # import.
@@ -833,6 +860,14 @@ module Aws::ACM
     #   response. Use this `NextToken` value in a subsequent request to
     #   retrieve additional items.
     #
+    # @option params [String] :sort_by
+    #   Specifies the field to sort results by. If you specify `SortBy`, you
+    #   must also specify `SortOrder`.
+    #
+    # @option params [String] :sort_order
+    #   Specifies the order of sorted results. If you specify `SortOrder`, you
+    #   must also specify `SortBy`.
+    #
     # @return [Types::ListCertificatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListCertificatesResponse#next_token #next_token} => String
@@ -851,6 +886,8 @@ module Aws::ACM
     #     },
     #     next_token: "NextToken",
     #     max_items: 1,
+    #     sort_by: "CREATED_AT", # accepts CREATED_AT
+    #     sort_order: "ASCENDING", # accepts ASCENDING, DESCENDING
     #   })
     #
     # @example Response structure
@@ -859,6 +896,25 @@ module Aws::ACM
     #   resp.certificate_summary_list #=> Array
     #   resp.certificate_summary_list[0].certificate_arn #=> String
     #   resp.certificate_summary_list[0].domain_name #=> String
+    #   resp.certificate_summary_list[0].subject_alternative_name_summaries #=> Array
+    #   resp.certificate_summary_list[0].subject_alternative_name_summaries[0] #=> String
+    #   resp.certificate_summary_list[0].has_additional_subject_alternative_names #=> Boolean
+    #   resp.certificate_summary_list[0].status #=> String, one of "PENDING_VALIDATION", "ISSUED", "INACTIVE", "EXPIRED", "VALIDATION_TIMED_OUT", "REVOKED", "FAILED"
+    #   resp.certificate_summary_list[0].type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
+    #   resp.certificate_summary_list[0].key_algorithm #=> String, one of "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
+    #   resp.certificate_summary_list[0].key_usages #=> Array
+    #   resp.certificate_summary_list[0].key_usages[0] #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
+    #   resp.certificate_summary_list[0].extended_key_usages #=> Array
+    #   resp.certificate_summary_list[0].extended_key_usages[0] #=> String, one of "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM"
+    #   resp.certificate_summary_list[0].in_use #=> Boolean
+    #   resp.certificate_summary_list[0].exported #=> Boolean
+    #   resp.certificate_summary_list[0].renewal_eligibility #=> String, one of "ELIGIBLE", "INELIGIBLE"
+    #   resp.certificate_summary_list[0].not_before #=> Time
+    #   resp.certificate_summary_list[0].not_after #=> Time
+    #   resp.certificate_summary_list[0].created_at #=> Time
+    #   resp.certificate_summary_list[0].issued_at #=> Time
+    #   resp.certificate_summary_list[0].imported_at #=> Time
+    #   resp.certificate_summary_list[0].revoked_at #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ListCertificates AWS API Documentation
     #
@@ -1002,9 +1058,9 @@ module Aws::ACM
 
     # Renews an eligible ACM certificate. At this time, only exported
     # private certificates can be renewed with this operation. In order to
-    # renew your ACM PCA certificates with ACM, you must first [grant the
-    # ACM service principal permission to do so][1]. For more information,
-    # see [Testing Managed Renewal][2] in the ACM User Guide.
+    # renew your ACM Private CA certificates with ACM, you must first [grant
+    # the ACM service principal permission to do so][1]. For more
+    # information, see [Testing Managed Renewal][2] in the ACM User Guide.
     #
     #
     #
@@ -1054,19 +1110,21 @@ module Aws::ACM
     # We recommend that you use DNS validation. ACM issues public
     # certificates after receiving approval from the domain owner.
     #
-    # <note markdown="1"> ACM behavior differs from the
-    # [https://tools.ietf.org/html/rfc6125#appendix-B.2][3]RFC 6125
-    # specification of the certificate validation process. first checks for
-    # a subject alternative name, and, if it finds one, ignores the common
-    # name (CN)
+    # <note markdown="1"> ACM behavior differs from the [RFC 6125][3] specification of the
+    # certificate validation process. ACM first checks for a Subject
+    # Alternative Name, and, if it finds one, ignores the common name (CN).
     #
     #  </note>
     #
+    # After successful completion of the `RequestCertificate` action, there
+    # is a delay of several seconds before you can retrieve information
+    # about the new certificate.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
     # [2]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
-    # [3]: https://tools.ietf.org/html/rfc6125#appendix-B.2
+    # [3]: https://datatracker.ietf.org/doc/html/rfc6125#appendix-B.2
     #
     # @option params [required, String] :domain_name
     #   Fully qualified domain name (FQDN), such as www.example.com, that you
@@ -1075,9 +1133,15 @@ module Aws::ACM
     #   For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 64 octets, including
-    #   periods. Each subsequent Subject Alternative Name (SAN), however, can
-    #   be up to 253 octets in length.
+    #   In compliance with [RFC 5280][1], the length of the domain name
+    #   (technically, the Common Name) that you provide cannot exceed 64
+    #   octets (characters), including periods. To add a longer domain name,
+    #   specify it in the Subject Alternative Name field, which supports names
+    #   up to 253 octets in length.
+    #
+    #
+    #
+    #   [1]: https://datatracker.ietf.org/doc/html/rfc5280
     #
     # @option params [String] :validation_method
     #   The method you want to use if you are requesting a public certificate
@@ -1150,9 +1214,8 @@ module Aws::ACM
     #   (CA) that will be used to issue the certificate. If you do not provide
     #   an ARN and you are trying to request a private certificate, ACM will
     #   attempt to issue a public certificate. For more information about
-    #   private CAs, see the [Amazon Web Services Certificate Manager Private
-    #   Certificate Authority (PCA)][1] user guide. The ARN must have the
-    #   following form:
+    #   private CAs, see the [Certificate Manager Private Certificate
+    #   Authority][1] user guide. The ARN must have the following form:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #
@@ -1330,7 +1393,7 @@ module Aws::ACM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acm'
-      context[:gem_version] = '1.51.0'
+      context[:gem_version] = '1.53.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-acm/client_api.rb

@@ -47,6 +47,7 @@ module Aws::ACM
     ExtendedKeyUsageFilterList = Shapes::ListShape.new(name: 'ExtendedKeyUsageFilterList')
     ExtendedKeyUsageList = Shapes::ListShape.new(name: 'ExtendedKeyUsageList')
     ExtendedKeyUsageName = Shapes::StringShape.new(name: 'ExtendedKeyUsageName')
+    ExtendedKeyUsageNames = Shapes::ListShape.new(name: 'ExtendedKeyUsageNames')
     FailureReason = Shapes::StringShape.new(name: 'FailureReason')
     Filters = Shapes::StructureShape.new(name: 'Filters')
     GetAccountConfigurationResponse = Shapes::StructureShape.new(name: 'GetAccountConfigurationResponse')
@@ -68,6 +69,7 @@ module Aws::ACM
     KeyUsageFilterList = Shapes::ListShape.new(name: 'KeyUsageFilterList')
     KeyUsageList = Shapes::ListShape.new(name: 'KeyUsageList')
     KeyUsageName = Shapes::StringShape.new(name: 'KeyUsageName')
+    KeyUsageNames = Shapes::ListShape.new(name: 'KeyUsageNames')
     LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
     ListCertificatesRequest = Shapes::StructureShape.new(name: 'ListCertificatesRequest')
     ListCertificatesResponse = Shapes::StructureShape.new(name: 'ListCertificatesResponse')
@@ -75,6 +77,7 @@ module Aws::ACM
     ListTagsForCertificateResponse = Shapes::StructureShape.new(name: 'ListTagsForCertificateResponse')
     MaxItems = Shapes::IntegerShape.new(name: 'MaxItems')
     NextToken = Shapes::StringShape.new(name: 'NextToken')
+    NullableBoolean = Shapes::BooleanShape.new(name: 'NullableBoolean')
     PassphraseBlob = Shapes::BlobShape.new(name: 'PassphraseBlob')
     PositiveInteger = Shapes::IntegerShape.new(name: 'PositiveInteger')
     PrivateKey = Shapes::StringShape.new(name: 'PrivateKey')
@@ -95,6 +98,8 @@ module Aws::ACM
     ResourceRecord = Shapes::StructureShape.new(name: 'ResourceRecord')
     RevocationReason = Shapes::StringShape.new(name: 'RevocationReason')
     ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
+    SortBy = Shapes::StringShape.new(name: 'SortBy')
+    SortOrder = Shapes::StringShape.new(name: 'SortOrder')
     String = Shapes::StringShape.new(name: 'String')
     TStamp = Shapes::TimestampShape.new(name: 'TStamp')
     Tag = Shapes::StructureShape.new(name: 'Tag')
@@ -152,6 +157,22 @@ module Aws::ACM
 
     CertificateSummary.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
     CertificateSummary.add_member(:domain_name, Shapes::ShapeRef.new(shape: DomainNameString, location_name: "DomainName"))
+    CertificateSummary.add_member(:subject_alternative_name_summaries, Shapes::ShapeRef.new(shape: DomainList, location_name: "SubjectAlternativeNameSummaries"))
+    CertificateSummary.add_member(:has_additional_subject_alternative_names, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "HasAdditionalSubjectAlternativeNames", metadata: {"box"=>true}))
+    CertificateSummary.add_member(:status, Shapes::ShapeRef.new(shape: CertificateStatus, location_name: "Status"))
+    CertificateSummary.add_member(:type, Shapes::ShapeRef.new(shape: CertificateType, location_name: "Type"))
+    CertificateSummary.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: KeyAlgorithm, location_name: "KeyAlgorithm"))
+    CertificateSummary.add_member(:key_usages, Shapes::ShapeRef.new(shape: KeyUsageNames, location_name: "KeyUsages"))
+    CertificateSummary.add_member(:extended_key_usages, Shapes::ShapeRef.new(shape: ExtendedKeyUsageNames, location_name: "ExtendedKeyUsages"))
+    CertificateSummary.add_member(:in_use, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "InUse", metadata: {"box"=>true}))
+    CertificateSummary.add_member(:exported, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "Exported", metadata: {"box"=>true}))
+    CertificateSummary.add_member(:renewal_eligibility, Shapes::ShapeRef.new(shape: RenewalEligibility, location_name: "RenewalEligibility"))
+    CertificateSummary.add_member(:not_before, Shapes::ShapeRef.new(shape: TStamp, location_name: "NotBefore"))
+    CertificateSummary.add_member(:not_after, Shapes::ShapeRef.new(shape: TStamp, location_name: "NotAfter"))
+    CertificateSummary.add_member(:created_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedAt"))
+    CertificateSummary.add_member(:issued_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "IssuedAt"))
+    CertificateSummary.add_member(:imported_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "ImportedAt"))
+    CertificateSummary.add_member(:revoked_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "RevokedAt"))
     CertificateSummary.struct_class = Types::CertificateSummary
 
     CertificateSummaryList.member = Shapes::ShapeRef.new(shape: CertificateSummary)
@@ -206,6 +227,8 @@ module Aws::ACM
 
     ExtendedKeyUsageList.member = Shapes::ShapeRef.new(shape: ExtendedKeyUsage)
 
+    ExtendedKeyUsageNames.member = Shapes::ShapeRef.new(shape: ExtendedKeyUsageName)
+
     Filters.add_member(:extended_key_usage, Shapes::ShapeRef.new(shape: ExtendedKeyUsageFilterList, location_name: "extendedKeyUsage"))
     Filters.add_member(:key_usage, Shapes::ShapeRef.new(shape: KeyUsageFilterList, location_name: "keyUsage"))
     Filters.add_member(:key_types, Shapes::ShapeRef.new(shape: KeyAlgorithmList, location_name: "keyTypes"))
@@ -260,6 +283,8 @@ module Aws::ACM
 
     KeyUsageList.member = Shapes::ShapeRef.new(shape: KeyUsage)
 
+    KeyUsageNames.member = Shapes::ShapeRef.new(shape: KeyUsageName)
+
     LimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     LimitExceededException.struct_class = Types::LimitExceededException
 
@@ -267,6 +292,8 @@ module Aws::ACM
     ListCertificatesRequest.add_member(:includes, Shapes::ShapeRef.new(shape: Filters, location_name: "Includes"))
     ListCertificatesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListCertificatesRequest.add_member(:max_items, Shapes::ShapeRef.new(shape: MaxItems, location_name: "MaxItems"))
+    ListCertificatesRequest.add_member(:sort_by, Shapes::ShapeRef.new(shape: SortBy, location_name: "SortBy"))
+    ListCertificatesRequest.add_member(:sort_order, Shapes::ShapeRef.new(shape: SortOrder, location_name: "SortOrder"))
     ListCertificatesRequest.struct_class = Types::ListCertificatesRequest
 
     ListCertificatesResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))

data/lib/aws-sdk-acm/endpoint_parameters.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws::ACM
+  # Endpoint parameters used to influence endpoints per request.
+  #
+  # @!attribute region
+  #   The AWS region used to dispatch the request.
+  #
+  #   @return [String]
+  #
+  # @!attribute use_dual_stack
+  #   When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.
+  #
+  #   @return [Boolean]
+  #
+  # @!attribute use_fips
+  #   When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.
+  #
+  #   @return [Boolean]
+  #
+  # @!attribute endpoint
+  #   Override the endpoint used to send this request
+  #
+  #   @return [String]
+  #
+  EndpointParameters = Struct.new(
+    :region,
+    :use_dual_stack,
+    :use_fips,
+    :endpoint,
+  ) do
+    include Aws::Structure
+
+    # @api private
+    class << self
+      PARAM_MAP = {
+        'Region' => :region,
+        'UseDualStack' => :use_dual_stack,
+        'UseFIPS' => :use_fips,
+        'Endpoint' => :endpoint,
+      }.freeze
+    end
+
+    def initialize(options = {})
+      self[:region] = options[:region]
+      self[:use_dual_stack] = options[:use_dual_stack]
+      self[:use_dual_stack] = false if self[:use_dual_stack].nil?
+      if self[:use_dual_stack].nil?
+        raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
+      end
+      self[:use_fips] = options[:use_fips]
+      self[:use_fips] = false if self[:use_fips].nil?
+      if self[:use_fips].nil?
+        raise ArgumentError, "Missing required EndpointParameter: :use_fips"
+      end
+      self[:endpoint] = options[:endpoint]
+    end
+  end
+end

data/lib/aws-sdk-acm/endpoint_provider.rb

@@ -0,0 +1,116 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+module Aws::ACM
+  class EndpointProvider
+    def initialize(rule_set = nil)
+      @@rule_set ||= begin
+        endpoint_rules = Aws::Json.load(Base64.decode64(RULES))
+        Aws::Endpoints::RuleSet.new(
+          version: endpoint_rules['version'],
+          service_id: endpoint_rules['serviceId'],
+          parameters: endpoint_rules['parameters'],
+          rules: endpoint_rules['rules']
+        )
+      end
+      @provider = Aws::Endpoints::RulesProvider.new(rule_set || @@rule_set)
+    end
+
+    def resolve_endpoint(parameters)
+      @provider.resolve_endpoint(parameters)
+    end
+
+    # @api private
+    RULES = <<-JSON
+eyJ2ZXJzaW9uIjoiMS4wIiwicGFyYW1ldGVycyI6eyJSZWdpb24iOnsiYnVp
+bHRJbiI6IkFXUzo6UmVnaW9uIiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1bWVu
+dGF0aW9uIjoiVGhlIEFXUyByZWdpb24gdXNlZCB0byBkaXNwYXRjaCB0aGUg
+cmVxdWVzdC4iLCJ0eXBlIjoiU3RyaW5nIn0sIlVzZUR1YWxTdGFjayI6eyJi
+dWlsdEluIjoiQVdTOjpVc2VEdWFsU3RhY2siLCJyZXF1aXJlZCI6dHJ1ZSwi
+ZGVmYXVsdCI6ZmFsc2UsImRvY3VtZW50YXRpb24iOiJXaGVuIHRydWUsIHVz
+ZSB0aGUgZHVhbC1zdGFjayBlbmRwb2ludC4gSWYgdGhlIGNvbmZpZ3VyZWQg
+ZW5kcG9pbnQgZG9lcyBub3Qgc3VwcG9ydCBkdWFsLXN0YWNrLCBkaXNwYXRj
+aGluZyB0aGUgcmVxdWVzdCBNQVkgcmV0dXJuIGFuIGVycm9yLiIsInR5cGUi
+OiJCb29sZWFuIn0sIlVzZUZJUFMiOnsiYnVpbHRJbiI6IkFXUzo6VXNlRklQ
+UyIsInJlcXVpcmVkIjp0cnVlLCJkZWZhdWx0IjpmYWxzZSwiZG9jdW1lbnRh
+dGlvbiI6IldoZW4gdHJ1ZSwgc2VuZCB0aGlzIHJlcXVlc3QgdG8gdGhlIEZJ
+UFMtY29tcGxpYW50IHJlZ2lvbmFsIGVuZHBvaW50LiBJZiB0aGUgY29uZmln
+dXJlZCBlbmRwb2ludCBkb2VzIG5vdCBoYXZlIGEgRklQUyBjb21wbGlhbnQg
+ZW5kcG9pbnQsIGRpc3BhdGNoaW5nIHRoZSByZXF1ZXN0IHdpbGwgcmV0dXJu
+IGFuIGVycm9yLiIsInR5cGUiOiJCb29sZWFuIn0sIkVuZHBvaW50Ijp7ImJ1
+aWx0SW4iOiJTREs6OkVuZHBvaW50IiwicmVxdWlyZWQiOmZhbHNlLCJkb2N1
+bWVudGF0aW9uIjoiT3ZlcnJpZGUgdGhlIGVuZHBvaW50IHVzZWQgdG8gc2Vu
+ZCB0aGlzIHJlcXVlc3QiLCJ0eXBlIjoiU3RyaW5nIn19LCJydWxlcyI6W3si
+Y29uZGl0aW9ucyI6W3siZm4iOiJhd3MucGFydGl0aW9uIiwiYXJndiI6W3si
+cmVmIjoiUmVnaW9uIn1dLCJhc3NpZ24iOiJQYXJ0aXRpb25SZXN1bHQifV0s
+InR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoi
+aXNTZXQiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XX0seyJmbiI6InBh
+cnNlVVJMIiwiYXJndiI6W3sicmVmIjoiRW5kcG9pbnQifV0sImFzc2lnbiI6
+InVybCJ9XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6
+W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQ
+UyJ9LHRydWVdfV0sImVycm9yIjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBG
+SVBTIGFuZCBjdXN0b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0
+eXBlIjoiZXJyb3IifSx7ImNvbmRpdGlvbnMiOltdLCJ0eXBlIjoidHJlZSIs
+InJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
+LCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJlcnJv
+ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRHVhbHN0YWNrIGFuZCBjdXN0
+b20gZW5kcG9pbnQgYXJlIG5vdCBzdXBwb3J0ZWQiLCJ0eXBlIjoiZXJyb3Ii
+fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOnsicmVmIjoi
+RW5kcG9pbnQifSwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlw
+ZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W3siZm4iOiJib29s
+ZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRydWVdfSx7
+ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxT
+dGFjayJ9LHRydWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
+dGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsi
+Zm4iOiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0
+In0sInN1cHBvcnRzRklQUyJdfV19LHsiZm4iOiJib29sZWFuRXF1YWxzIiwi
+YXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQ
+YXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5
+cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2lu
+dCI6eyJ1cmwiOiJodHRwczovL2FjbS1maXBzLntSZWdpb259LntQYXJ0aXRp
+b25SZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9
+LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX0seyJjb25kaXRp
+b25zIjpbXSwiZXJyb3IiOiJGSVBTIGFuZCBEdWFsU3RhY2sgYXJlIGVuYWJs
+ZWQsIGJ1dCB0aGlzIHBhcnRpdGlvbiBkb2VzIG5vdCBzdXBwb3J0IG9uZSBv
+ciBib3RoIiwidHlwZSI6ImVycm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZu
+IjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUZJUFMifSx0
+cnVlXX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpb
+eyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0
+QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBw
+b3J0c0ZJUFMiXX1dfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRp
+dGlvbnMiOltdLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25z
+IjpbeyJmbiI6InN0cmluZ0VxdWFscyIsImFyZ3YiOlsiYXdzLXVzLWdvdiIs
+eyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRpb25SZXN1
+bHQifSwibmFtZSJdfV19XSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9h
+Y20ue1JlZ2lvbn0ue1BhcnRpdGlvblJlc3VsdCNkbnNTdWZmaXh9IiwicHJv
+cGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwidHlwZSI6ImVuZHBvaW50In0s
+eyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9h
+Y20tZmlwcy57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2Ruc1N1ZmZpeH0i
+LCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9p
+bnQifV19XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJGSVBTIGlzIGVu
+YWJsZWQgYnV0IHRoaXMgcGFydGl0aW9uIGRvZXMgbm90IHN1cHBvcnQgRklQ
+UyIsInR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25zIjpbeyJmbiI6ImJv
+b2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0
+cnVlXX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpb
+eyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0
+QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBw
+b3J0c0R1YWxTdGFjayJdfV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3si
+Y29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vYWNt
+LntSZWdpb259LntQYXJ0aXRpb25SZXN1bHQjZHVhbFN0YWNrRG5zU3VmZml4
+fSIsInByb3BlcnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRw
+b2ludCJ9XX0seyJjb25kaXRpb25zIjpbXSwiZXJyb3IiOiJEdWFsU3RhY2sg
+aXMgZW5hYmxlZCBidXQgdGhpcyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9y
+dCBEdWFsU3RhY2siLCJ0eXBlIjoiZXJyb3IifV19LHsiY29uZGl0aW9ucyI6
+W10sImVuZHBvaW50Ijp7InVybCI6Imh0dHBzOi8vYWNtLntSZWdpb259LntQ
+YXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInByb3BlcnRpZXMiOnt9LCJo
+ZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1dfQ==
+
+    JSON
+  end
+end

data/lib/aws-sdk-acm/endpoints.rb

@@ -0,0 +1,225 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+
+module Aws::ACM
+  module Endpoints
+
+    class AddTagsToCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class DeleteCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class DescribeCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class ExportCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class GetAccountConfiguration
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class GetCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class ImportCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class ListCertificates
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class ListTagsForCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class PutAccountConfiguration
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class RemoveTagsFromCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class RenewCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class RequestCertificate
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class ResendValidationEmail
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class UpdateCertificateOptions
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ACM::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+  end
+end

data/lib/aws-sdk-acm/plugins/endpoints.rb

@@ -0,0 +1,98 @@
+# frozen_string_literal: true
+
+# WARNING ABOUT GENERATED CODE
+#
+# This file is generated. See the contributing guide for more information:
+# https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
+#
+# WARNING ABOUT GENERATED CODE
+
+
+module Aws::ACM
+  module Plugins
+    class Endpoints < Seahorse::Client::Plugin
+      option(
+        :endpoint_provider,
+        doc_type: 'Aws::ACM::EndpointProvider',
+        docstring: 'The endpoint provider used to resolve endpoints. Any '\
+                   'object that responds to `#resolve_endpoint(parameters)` '\
+                   'where `parameters` is a Struct similar to '\
+                   '`Aws::ACM::EndpointParameters`'
+      ) do |cfg|
+        Aws::ACM::EndpointProvider.new
+      end
+
+      # @api private
+      class Handler < Seahorse::Client::Handler
+        def call(context)
+          # If endpoint was discovered, do not resolve or apply the endpoint.
+          unless context[:discovered_endpoint]
+            params = parameters_for_operation(context)
+            endpoint = context.config.endpoint_provider.resolve_endpoint(params)
+
+            context.http_request.endpoint = endpoint.url
+            apply_endpoint_headers(context, endpoint.headers)
+          end
+
+          context[:endpoint_params] = params
+          context[:auth_scheme] =
+            Aws::Endpoints.resolve_auth_scheme(context, endpoint)
+
+          @handler.call(context)
+        end
+
+        private
+
+        def apply_endpoint_headers(context, headers)
+          headers.each do |key, values|
+            value = values
+              .compact
+              .map { |s| Seahorse::Util.escape_header_list_string(s.to_s) }
+              .join(',')
+
+            context.http_request.headers[key] = value
+          end
+        end
+
+        def parameters_for_operation(context)
+          case context.operation_name
+          when :add_tags_to_certificate
+            Aws::ACM::Endpoints::AddTagsToCertificate.build(context)
+          when :delete_certificate
+            Aws::ACM::Endpoints::DeleteCertificate.build(context)
+          when :describe_certificate
+            Aws::ACM::Endpoints::DescribeCertificate.build(context)
+          when :export_certificate
+            Aws::ACM::Endpoints::ExportCertificate.build(context)
+          when :get_account_configuration
+            Aws::ACM::Endpoints::GetAccountConfiguration.build(context)
+          when :get_certificate
+            Aws::ACM::Endpoints::GetCertificate.build(context)
+          when :import_certificate
+            Aws::ACM::Endpoints::ImportCertificate.build(context)
+          when :list_certificates
+            Aws::ACM::Endpoints::ListCertificates.build(context)
+          when :list_tags_for_certificate
+            Aws::ACM::Endpoints::ListTagsForCertificate.build(context)
+          when :put_account_configuration
+            Aws::ACM::Endpoints::PutAccountConfiguration.build(context)
+          when :remove_tags_from_certificate
+            Aws::ACM::Endpoints::RemoveTagsFromCertificate.build(context)
+          when :renew_certificate
+            Aws::ACM::Endpoints::RenewCertificate.build(context)
+          when :request_certificate
+            Aws::ACM::Endpoints::RequestCertificate.build(context)
+          when :resend_validation_email
+            Aws::ACM::Endpoints::ResendValidationEmail.build(context)
+          when :update_certificate_options
+            Aws::ACM::Endpoints::UpdateCertificateOptions.build(context)
+          end
+        end
+      end
+
+      def add_handlers(handlers, _config)
+        handlers.add(Handler, step: :build, priority: 75)
+      end
+    end
+  end
+end

data/lib/aws-sdk-acm/types.rb

@@ -120,12 +120,27 @@ module Aws::ACM
     #   @return [Time]
     #
     # @!attribute [rw] imported_at
-    #   The date and time at which the certificate was imported. This value
+    #   The date and time when the certificate was imported. This value
     #   exists only when the certificate type is `IMPORTED`.
     #   @return [Time]
     #
     # @!attribute [rw] status
     #   The status of the certificate.
+    #
+    #   A certificate enters status PENDING\_VALIDATION upon being
+    #   requested, unless it fails for any of the reasons given in the
+    #   troubleshooting topic [Certificate request fails][1]. ACM makes
+    #   repeated attempts to validate a certificate for 72 hours and then
+    #   times out. If a certificate shows status FAILED or
+    #   VALIDATION\_TIMED\_OUT, delete the request, correct the issue with
+    #   [DNS validation][2] or [Email validation][3], and try again. If
+    #   validation succeeds, the certificate enters status ISSUED.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
+    #   [3]: https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
     #   @return [String]
     #
     # @!attribute [rw] revoked_at
@@ -163,8 +178,8 @@ module Aws::ACM
     # @!attribute [rw] failure_reason
     #   The reason the certificate request failed. This value exists only
     #   when the certificate status is `FAILED`. For more information, see
-    #   [Certificate Request Failed][1] in the *Amazon Web Services
-    #   Certificate Manager User Guide*.
+    #   [Certificate Request Failed][1] in the *Certificate Manager User
+    #   Guide*.
     #
     #
     #
@@ -178,7 +193,7 @@ module Aws::ACM
     #   provide [managed renewal][1] for imported certificates. For more
     #   information about the differences between certificates that you
     #   import and those that ACM provides, see [Importing Certificates][2]
-    #   in the *Amazon Web Services Certificate Manager User Guide*.
+    #   in the *Certificate Manager User Guide*.
     #
     #
     #
@@ -210,9 +225,8 @@ module Aws::ACM
     #   @return [Array<Types::ExtendedKeyUsage>]
     #
     # @!attribute [rw] certificate_authority_arn
-    #   The Amazon Resource Name (ARN) of the ACM PCA private certificate
-    #   authority (CA) that issued the certificate. This has the following
-    #   format:
+    #   The Amazon Resource Name (ARN) of the private certificate authority
+    #   (CA) that issued the certificate. This has the following format:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #   @return [String]
@@ -319,11 +333,155 @@ module Aws::ACM
     #   example.com, for the certificate.
     #   @return [String]
     #
+    # @!attribute [rw] subject_alternative_name_summaries
+    #   One or more domain names (subject alternative names) included in the
+    #   certificate. This list contains the domain names that are bound to
+    #   the public key that is contained in the certificate. The subject
+    #   alternative names include the canonical domain name (CN) of the
+    #   certificate and additional domain names that can be used to connect
+    #   to the website.
+    #
+    #   When called by [ListCertificates][1], this parameter will only
+    #   return the first 100 subject alternative names included in the
+    #   certificate. To display the full list of subject alternative names,
+    #   use [DescribeCertificate][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html
+    #   [2]: https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] has_additional_subject_alternative_names
+    #   When called by [ListCertificates][1], indicates whether the full
+    #   list of subject alternative names has been included in the response.
+    #   If false, the response includes all of the subject alternative names
+    #   included in the certificate. If true, the response only includes the
+    #   first 100 subject alternative names included in the certificate. To
+    #   display the full list of subject alternative names, use
+    #   [DescribeCertificate][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html
+    #   [2]: https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] status
+    #   The status of the certificate.
+    #
+    #   A certificate enters status PENDING\_VALIDATION upon being
+    #   requested, unless it fails for any of the reasons given in the
+    #   troubleshooting topic [Certificate request fails][1]. ACM makes
+    #   repeated attempts to validate a certificate for 72 hours and then
+    #   times out. If a certificate shows status FAILED or
+    #   VALIDATION\_TIMED\_OUT, delete the request, correct the issue with
+    #   [DNS validation][2] or [Email validation][3], and try again. If
+    #   validation succeeds, the certificate enters status ISSUED.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
+    #   [3]: https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   The source of the certificate. For certificates provided by ACM,
+    #   this value is `AMAZON_ISSUED`. For certificates that you imported
+    #   with ImportCertificate, this value is `IMPORTED`. ACM does not
+    #   provide [managed renewal][1] for imported certificates. For more
+    #   information about the differences between certificates that you
+    #   import and those that ACM provides, see [Importing Certificates][2]
+    #   in the *Certificate Manager User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
+    #   @return [String]
+    #
+    # @!attribute [rw] key_algorithm
+    #   The algorithm that was used to generate the public-private key pair.
+    #   @return [String]
+    #
+    # @!attribute [rw] key_usages
+    #   A list of Key Usage X.509 v3 extension objects. Each object is a
+    #   string value that identifies the purpose of the public key contained
+    #   in the certificate. Possible extension values include
+    #   DIGITAL\_SIGNATURE, KEY\_ENCHIPHERMENT, NON\_REPUDIATION, and more.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] extended_key_usages
+    #   Contains a list of Extended Key Usage X.509 v3 extension objects.
+    #   Each object specifies a purpose for which the certificate public key
+    #   can be used and consists of a name and an object identifier (OID).
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] in_use
+    #   Indicates whether the certificate is currently in use by any Amazon
+    #   Web Services resources.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] exported
+    #   Indicates whether the certificate has been exported. This value
+    #   exists only when the certificate type is `PRIVATE`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] renewal_eligibility
+    #   Specifies whether the certificate is eligible for renewal. At this
+    #   time, only exported private certificates can be renewed with the
+    #   RenewCertificate command.
+    #   @return [String]
+    #
+    # @!attribute [rw] not_before
+    #   The time before which the certificate is not valid.
+    #   @return [Time]
+    #
+    # @!attribute [rw] not_after
+    #   The time after which the certificate is not valid.
+    #   @return [Time]
+    #
+    # @!attribute [rw] created_at
+    #   The time at which the certificate was requested.
+    #   @return [Time]
+    #
+    # @!attribute [rw] issued_at
+    #   The time at which the certificate was issued. This value exists only
+    #   when the certificate type is `AMAZON_ISSUED`.
+    #   @return [Time]
+    #
+    # @!attribute [rw] imported_at
+    #   The date and time when the certificate was imported. This value
+    #   exists only when the certificate type is `IMPORTED`.
+    #   @return [Time]
+    #
+    # @!attribute [rw] revoked_at
+    #   The time at which the certificate was revoked. This value exists
+    #   only when the certificate status is `REVOKED`.
+    #   @return [Time]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/CertificateSummary AWS API Documentation
     #
     class CertificateSummary < Struct.new(
       :certificate_arn,
-      :domain_name)
+      :domain_name,
+      :subject_alternative_name_summaries,
+      :has_additional_subject_alternative_names,
+      :status,
+      :type,
+      :key_algorithm,
+      :key_usages,
+      :extended_key_usages,
+      :in_use,
+      :exported,
+      :renewal_eligibility,
+      :not_before,
+      :not_after,
+      :created_at,
+      :issued_at,
+      :imported_at,
+      :revoked_at)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -560,10 +718,17 @@ module Aws::ACM
     #   @return [String]
     #
     # @!attribute [rw] passphrase
-    #   Passphrase to associate with the encrypted exported private key. If
-    #   you want to later decrypt the private key, you must have the
+    #   Passphrase to associate with the encrypted exported private key.
+    #
+    #   <note markdown="1"> When creating your passphrase, you can use any ASCII character
+    #   except #, $, or %.
+    #
+    #    </note>
+    #
+    #   If you want to later decrypt the private key, you must have the
     #   passphrase. You can use the following OpenSSL command to decrypt a
-    #   private key:
+    #   private key. After entering the command, you are prompted for the
+    #   passphrase.
     #
     #   `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
     #   @return [String]
@@ -671,7 +836,7 @@ module Aws::ACM
     #   certificates that have at least one domain. To return other
     #   certificate types, provide the desired type signatures in a
     #   comma-separated list. For example, `"keyTypes":
-    #   ["RSA_2048,RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
+    #   ["RSA_2048","RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
     #   certificates.
     #   @return [Array<String>]
     #
@@ -940,6 +1105,8 @@ module Aws::ACM
     #         },
     #         next_token: "NextToken",
     #         max_items: 1,
+    #         sort_by: "CREATED_AT", # accepts CREATED_AT
+    #         sort_order: "ASCENDING", # accepts ASCENDING, DESCENDING
     #       }
     #
     # @!attribute [rw] certificate_statuses
@@ -966,13 +1133,25 @@ module Aws::ACM
     #   retrieve additional items.
     #   @return [Integer]
     #
+    # @!attribute [rw] sort_by
+    #   Specifies the field to sort results by. If you specify `SortBy`, you
+    #   must also specify `SortOrder`.
+    #   @return [String]
+    #
+    # @!attribute [rw] sort_order
+    #   Specifies the order of sorted results. If you specify `SortOrder`,
+    #   you must also specify `SortBy`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ListCertificatesRequest AWS API Documentation
     #
     class ListCertificatesRequest < Struct.new(
       :certificate_statuses,
       :includes,
       :next_token,
-      :max_items)
+      :max_items,
+      :sort_by,
+      :sort_order)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1218,9 +1397,15 @@ module Aws::ACM
     #   same domain. For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 64 octets, including
-    #   periods. Each subsequent Subject Alternative Name (SAN), however,
-    #   can be up to 253 octets in length.
+    #   In compliance with [RFC 5280][1], the length of the domain name
+    #   (technically, the Common Name) that you provide cannot exceed 64
+    #   octets (characters), including periods. To add a longer domain name,
+    #   specify it in the Subject Alternative Name field, which supports
+    #   names up to 253 octets in length.
+    #
+    #
+    #
+    #   [1]: https://datatracker.ietf.org/doc/html/rfc5280
     #   @return [String]
     #
     # @!attribute [rw] validation_method
@@ -1300,9 +1485,8 @@ module Aws::ACM
     #   (CA) that will be used to issue the certificate. If you do not
     #   provide an ARN and you are trying to request a private certificate,
     #   ACM will attempt to issue a public certificate. For more information
-    #   about private CAs, see the [Amazon Web Services Certificate Manager
-    #   Private Certificate Authority (PCA)][1] user guide. The ARN must
-    #   have the following form:
+    #   about private CAs, see the [Certificate Manager Private Certificate
+    #   Authority][1] user guide. The ARN must have the following form:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #

data/lib/aws-sdk-acm.rb

@@ -13,10 +13,14 @@ require 'aws-sigv4'
 
 require_relative 'aws-sdk-acm/types'
 require_relative 'aws-sdk-acm/client_api'
+require_relative 'aws-sdk-acm/plugins/endpoints.rb'
 require_relative 'aws-sdk-acm/client'
 require_relative 'aws-sdk-acm/errors'
 require_relative 'aws-sdk-acm/waiters'
 require_relative 'aws-sdk-acm/resource'
+require_relative 'aws-sdk-acm/endpoint_parameters'
+require_relative 'aws-sdk-acm/endpoint_provider'
+require_relative 'aws-sdk-acm/endpoints'
 require_relative 'aws-sdk-acm/customizations'
 
 # This module provides support for AWS Certificate Manager. This module is available in the
@@ -49,6 +53,6 @@ require_relative 'aws-sdk-acm/customizations'
 # @!group service
 module Aws::ACM
 
-  GEM_VERSION = '1.51.0'
+  GEM_VERSION = '1.53.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acm
 version: !ruby/object:Gem::Version
-  version: 1.51.0
+  version: 1.53.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-24 00:00:00.000000000 Z
+date: 2022-10-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.127.0
+        version: 3.165.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.127.0
+        version: 3.165.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement
@@ -59,7 +59,11 @@ files:
 - lib/aws-sdk-acm/client.rb
 - lib/aws-sdk-acm/client_api.rb
 - lib/aws-sdk-acm/customizations.rb
+- lib/aws-sdk-acm/endpoint_parameters.rb
+- lib/aws-sdk-acm/endpoint_provider.rb
+- lib/aws-sdk-acm/endpoints.rb
 - lib/aws-sdk-acm/errors.rb
+- lib/aws-sdk-acm/plugins/endpoints.rb
 - lib/aws-sdk-acm/resource.rb
 - lib/aws-sdk-acm/types.rb
 - lib/aws-sdk-acm/waiters.rb