RubyGems - aws-sdk-acm - Versions diffs - 1.51.0 → 1.52.0 - Mend

aws-sdk-acm 1.51.0 → 1.52.0

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-acm/client.rb +74 -28
data/lib/aws-sdk-acm/client_api.rb +27 -0
data/lib/aws-sdk-acm/types.rb +203 -19
data/lib/aws-sdk-acm.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 913896ae7a069734051c3ef60f44db29225f87d75fbe0c571895ab69ffd8e486
-  data.tar.gz: a62b762978d0e1cba90b37928f374de4949464308ea96ffcd6b7e8023dcd7666
+  metadata.gz: db6d2123b6e6ba15d6e7dd8ee6d1cdcf5f4ed1763312515e14a82cceb9770f95
+  data.tar.gz: 3b1ecb9a93394429f9c7da1edcfc23f350825e68091dc0f508432d1697a6b9e4
 SHA512:
-  metadata.gz: a6bd487e6d40855eb724c08ef8a4bdc8e99563aae3578752dc5f36871bc9ab5419657dd6f914e7a8b70ac9603691517579c6aab511783c3ba0ea8fd92540d30b
-  data.tar.gz: 9d4f7b888cd376c94e4ec8a69b414fe95bf5b8da99e271702b6773606b22c5f672548c525164ce7073704c3042f243f722df0f8ea2aeea56d1d65252f2303aa8
+  metadata.gz: bf6faad310ffde09e71b4d9cf8818018d8474caef6e998a2e21d97d92c5e65e39f9e2b66efe7c9e09f49d7cbfb4aa894c27c8a776b032e76d6b3b78ad0495990
+  data.tar.gz: 40611f93d2ac3be8a03e260e16b4ebdb9abbb357c68841bec060da59f5cd684e5bdaf349a1f08cde218ada48844e04708c820e7a28abdd90fe91ad380cf310ba

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.52.0 (2022-09-29)
+------------------
+* Feature - This update returns additional certificate details such as certificate SANs and allows sorting in the ListCertificates API.
 1.51.0 (2022-02-24)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.51.0
1	+ 1.52.0

data/lib/aws-sdk-acm/client.rb CHANGED Viewed

@@ -468,6 +468,10 @@ module Aws::ACM
     # Returns detailed metadata about the specified ACM certificate.
     #
+    # If you have just created a certificate using the `RequestCertificate`
+    # action, there is a delay of several seconds before you can retrieve
+    # information about it.
+    #
     # @option params [required, String] :certificate_arn
     #   The Amazon Resource Name (ARN) of the ACM certificate. The ARN must
     #   have the following form:
@@ -581,10 +585,17 @@ module Aws::ACM
     #   `arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012`
     #
     # @option params [required, String, StringIO, File] :passphrase
-    #   Passphrase to associate with the encrypted exported private key. If
-    #   you want to later decrypt the private key, you must have the
+    #   Passphrase to associate with the encrypted exported private key.
+    #
+    #   <note markdown="1"> When creating your passphrase, you can use any ASCII character except
+    #   #, $, or %.
+    #
+    #    </note>
+    #
+    #   If you want to later decrypt the private key, you must have the
     #   passphrase. You can use the following OpenSSL command to decrypt a
-    #   private key:
+    #   private key. After entering the command, you are prompted for the
+    #   passphrase.
     #
     #   `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
     #
@@ -683,15 +694,14 @@ module Aws::ACM
       req.send_request(options)
     end
-    # Imports a certificate into Amazon Web Services Certificate Manager
-    # (ACM) to use with services that are integrated with ACM. Note that
-    # [integrated services][1] allow only certificate types and keys they
-    # support to be associated with their resources. Further, their support
-    # differs depending on whether the certificate is imported into IAM or
-    # into ACM. For more information, see the documentation for each
-    # service. For more information about importing certificates into ACM,
-    # see [Importing Certificates][2] in the *Amazon Web Services
-    # Certificate Manager User Guide*.
+    # Imports a certificate into Certificate Manager (ACM) to use with
+    # services that are integrated with ACM. Note that [integrated
+    # services][1] allow only certificate types and keys they support to be
+    # associated with their resources. Further, their support differs
+    # depending on whether the certificate is imported into IAM or into ACM.
+    # For more information, see the documentation for each service. For more
+    # information about importing certificates into ACM, see [Importing
+    # Certificates][2] in the *Certificate Manager User Guide*.
     #
     # <note markdown="1"> ACM does not provide [managed renewal][3] for certificates that you
     # import.
@@ -833,6 +843,14 @@ module Aws::ACM
     #   response. Use this `NextToken` value in a subsequent request to
     #   retrieve additional items.
     #
+    # @option params [String] :sort_by
+    #   Specifies the field to sort results by. If you specify `SortBy`, you
+    #   must also specify `SortOrder`.
+    #
+    # @option params [String] :sort_order
+    #   Specifies the order of sorted results. If you specify `SortOrder`, you
+    #   must also specify `SortBy`.
+    #
     # @return [Types::ListCertificatesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListCertificatesResponse#next_token #next_token} => String
@@ -851,6 +869,8 @@ module Aws::ACM
     #     },
     #     next_token: "NextToken",
     #     max_items: 1,
+    #     sort_by: "CREATED_AT", # accepts CREATED_AT
+    #     sort_order: "ASCENDING", # accepts ASCENDING, DESCENDING
     #   })
     #
     # @example Response structure
@@ -859,6 +879,25 @@ module Aws::ACM
     #   resp.certificate_summary_list #=> Array
     #   resp.certificate_summary_list[0].certificate_arn #=> String
     #   resp.certificate_summary_list[0].domain_name #=> String
+    #   resp.certificate_summary_list[0].subject_alternative_name_summaries #=> Array
+    #   resp.certificate_summary_list[0].subject_alternative_name_summaries[0] #=> String
+    #   resp.certificate_summary_list[0].has_additional_subject_alternative_names #=> Boolean
+    #   resp.certificate_summary_list[0].status #=> String, one of "PENDING_VALIDATION", "ISSUED", "INACTIVE", "EXPIRED", "VALIDATION_TIMED_OUT", "REVOKED", "FAILED"
+    #   resp.certificate_summary_list[0].type #=> String, one of "IMPORTED", "AMAZON_ISSUED", "PRIVATE"
+    #   resp.certificate_summary_list[0].key_algorithm #=> String, one of "RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096", "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"
+    #   resp.certificate_summary_list[0].key_usages #=> Array
+    #   resp.certificate_summary_list[0].key_usages[0] #=> String, one of "DIGITAL_SIGNATURE", "NON_REPUDIATION", "KEY_ENCIPHERMENT", "DATA_ENCIPHERMENT", "KEY_AGREEMENT", "CERTIFICATE_SIGNING", "CRL_SIGNING", "ENCIPHER_ONLY", "DECIPHER_ONLY", "ANY", "CUSTOM"
+    #   resp.certificate_summary_list[0].extended_key_usages #=> Array
+    #   resp.certificate_summary_list[0].extended_key_usages[0] #=> String, one of "TLS_WEB_SERVER_AUTHENTICATION", "TLS_WEB_CLIENT_AUTHENTICATION", "CODE_SIGNING", "EMAIL_PROTECTION", "TIME_STAMPING", "OCSP_SIGNING", "IPSEC_END_SYSTEM", "IPSEC_TUNNEL", "IPSEC_USER", "ANY", "NONE", "CUSTOM"
+    #   resp.certificate_summary_list[0].in_use #=> Boolean
+    #   resp.certificate_summary_list[0].exported #=> Boolean
+    #   resp.certificate_summary_list[0].renewal_eligibility #=> String, one of "ELIGIBLE", "INELIGIBLE"
+    #   resp.certificate_summary_list[0].not_before #=> Time
+    #   resp.certificate_summary_list[0].not_after #=> Time
+    #   resp.certificate_summary_list[0].created_at #=> Time
+    #   resp.certificate_summary_list[0].issued_at #=> Time
+    #   resp.certificate_summary_list[0].imported_at #=> Time
+    #   resp.certificate_summary_list[0].revoked_at #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ListCertificates AWS API Documentation
     #
@@ -1002,9 +1041,9 @@ module Aws::ACM
     # Renews an eligible ACM certificate. At this time, only exported
     # private certificates can be renewed with this operation. In order to
-    # renew your ACM PCA certificates with ACM, you must first [grant the
-    # ACM service principal permission to do so][1]. For more information,
-    # see [Testing Managed Renewal][2] in the ACM User Guide.
+    # renew your ACM Private CA certificates with ACM, you must first [grant
+    # the ACM service principal permission to do so][1]. For more
+    # information, see [Testing Managed Renewal][2] in the ACM User Guide.
     #
     #
     #
@@ -1054,19 +1093,21 @@ module Aws::ACM
     # We recommend that you use DNS validation. ACM issues public
     # certificates after receiving approval from the domain owner.
     #
-    # <note markdown="1"> ACM behavior differs from the
-    # [https://tools.ietf.org/html/rfc6125#appendix-B.2][3]RFC 6125
-    # specification of the certificate validation process. first checks for
-    # a subject alternative name, and, if it finds one, ignores the common
-    # name (CN)
+    # <note markdown="1"> ACM behavior differs from the [RFC 6125][3] specification of the
+    # certificate validation process. ACM first checks for a Subject
+    # Alternative Name, and, if it finds one, ignores the common name (CN).
     #
     #  </note>
     #
+    # After successful completion of the `RequestCertificate` action, there
+    # is a delay of several seconds before you can retrieve information
+    # about the new certificate.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
     # [2]: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html
-    # [3]: https://tools.ietf.org/html/rfc6125#appendix-B.2
+    # [3]: https://datatracker.ietf.org/doc/html/rfc6125#appendix-B.2
     #
     # @option params [required, String] :domain_name
     #   Fully qualified domain name (FQDN), such as www.example.com, that you
@@ -1075,9 +1116,15 @@ module Aws::ACM
     #   For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 64 octets, including
-    #   periods. Each subsequent Subject Alternative Name (SAN), however, can
-    #   be up to 253 octets in length.
+    #   In compliance with [RFC 5280][1], the length of the domain name
+    #   (technically, the Common Name) that you provide cannot exceed 64
+    #   octets (characters), including periods. To add a longer domain name,
+    #   specify it in the Subject Alternative Name field, which supports names
+    #   up to 253 octets in length.
+    #
+    #
+    #
+    #   [1]: https://datatracker.ietf.org/doc/html/rfc5280
     #
     # @option params [String] :validation_method
     #   The method you want to use if you are requesting a public certificate
@@ -1150,9 +1197,8 @@ module Aws::ACM
     #   (CA) that will be used to issue the certificate. If you do not provide
     #   an ARN and you are trying to request a private certificate, ACM will
     #   attempt to issue a public certificate. For more information about
-    #   private CAs, see the [Amazon Web Services Certificate Manager Private
-    #   Certificate Authority (PCA)][1] user guide. The ARN must have the
-    #   following form:
+    #   private CAs, see the [Certificate Manager Private Certificate
+    #   Authority][1] user guide. The ARN must have the following form:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #
@@ -1330,7 +1376,7 @@ module Aws::ACM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-acm'
-      context[:gem_version] = '1.51.0'
+      context[:gem_version] = '1.52.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-acm/client_api.rb CHANGED Viewed

@@ -47,6 +47,7 @@ module Aws::ACM
     ExtendedKeyUsageFilterList = Shapes::ListShape.new(name: 'ExtendedKeyUsageFilterList')
     ExtendedKeyUsageList = Shapes::ListShape.new(name: 'ExtendedKeyUsageList')
     ExtendedKeyUsageName = Shapes::StringShape.new(name: 'ExtendedKeyUsageName')
+    ExtendedKeyUsageNames = Shapes::ListShape.new(name: 'ExtendedKeyUsageNames')
     FailureReason = Shapes::StringShape.new(name: 'FailureReason')
     Filters = Shapes::StructureShape.new(name: 'Filters')
     GetAccountConfigurationResponse = Shapes::StructureShape.new(name: 'GetAccountConfigurationResponse')
@@ -68,6 +69,7 @@ module Aws::ACM
     KeyUsageFilterList = Shapes::ListShape.new(name: 'KeyUsageFilterList')
     KeyUsageList = Shapes::ListShape.new(name: 'KeyUsageList')
     KeyUsageName = Shapes::StringShape.new(name: 'KeyUsageName')
+    KeyUsageNames = Shapes::ListShape.new(name: 'KeyUsageNames')
     LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
     ListCertificatesRequest = Shapes::StructureShape.new(name: 'ListCertificatesRequest')
     ListCertificatesResponse = Shapes::StructureShape.new(name: 'ListCertificatesResponse')
@@ -75,6 +77,7 @@ module Aws::ACM
     ListTagsForCertificateResponse = Shapes::StructureShape.new(name: 'ListTagsForCertificateResponse')
     MaxItems = Shapes::IntegerShape.new(name: 'MaxItems')
     NextToken = Shapes::StringShape.new(name: 'NextToken')
+    NullableBoolean = Shapes::BooleanShape.new(name: 'NullableBoolean')
     PassphraseBlob = Shapes::BlobShape.new(name: 'PassphraseBlob')
     PositiveInteger = Shapes::IntegerShape.new(name: 'PositiveInteger')
     PrivateKey = Shapes::StringShape.new(name: 'PrivateKey')
@@ -95,6 +98,8 @@ module Aws::ACM
     ResourceRecord = Shapes::StructureShape.new(name: 'ResourceRecord')
     RevocationReason = Shapes::StringShape.new(name: 'RevocationReason')
     ServiceErrorMessage = Shapes::StringShape.new(name: 'ServiceErrorMessage')
+    SortBy = Shapes::StringShape.new(name: 'SortBy')
+    SortOrder = Shapes::StringShape.new(name: 'SortOrder')
     String = Shapes::StringShape.new(name: 'String')
     TStamp = Shapes::TimestampShape.new(name: 'TStamp')
     Tag = Shapes::StructureShape.new(name: 'Tag')
@@ -152,6 +157,22 @@ module Aws::ACM
     CertificateSummary.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "CertificateArn"))
     CertificateSummary.add_member(:domain_name, Shapes::ShapeRef.new(shape: DomainNameString, location_name: "DomainName"))
+    CertificateSummary.add_member(:subject_alternative_name_summaries, Shapes::ShapeRef.new(shape: DomainList, location_name: "SubjectAlternativeNameSummaries"))
+    CertificateSummary.add_member(:has_additional_subject_alternative_names, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "HasAdditionalSubjectAlternativeNames", metadata: {"box"=>true}))
+    CertificateSummary.add_member(:status, Shapes::ShapeRef.new(shape: CertificateStatus, location_name: "Status"))
+    CertificateSummary.add_member(:type, Shapes::ShapeRef.new(shape: CertificateType, location_name: "Type"))
+    CertificateSummary.add_member(:key_algorithm, Shapes::ShapeRef.new(shape: KeyAlgorithm, location_name: "KeyAlgorithm"))
+    CertificateSummary.add_member(:key_usages, Shapes::ShapeRef.new(shape: KeyUsageNames, location_name: "KeyUsages"))
+    CertificateSummary.add_member(:extended_key_usages, Shapes::ShapeRef.new(shape: ExtendedKeyUsageNames, location_name: "ExtendedKeyUsages"))
+    CertificateSummary.add_member(:in_use, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "InUse", metadata: {"box"=>true}))
+    CertificateSummary.add_member(:exported, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "Exported", metadata: {"box"=>true}))
+    CertificateSummary.add_member(:renewal_eligibility, Shapes::ShapeRef.new(shape: RenewalEligibility, location_name: "RenewalEligibility"))
+    CertificateSummary.add_member(:not_before, Shapes::ShapeRef.new(shape: TStamp, location_name: "NotBefore"))
+    CertificateSummary.add_member(:not_after, Shapes::ShapeRef.new(shape: TStamp, location_name: "NotAfter"))
+    CertificateSummary.add_member(:created_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "CreatedAt"))
+    CertificateSummary.add_member(:issued_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "IssuedAt"))
+    CertificateSummary.add_member(:imported_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "ImportedAt"))
+    CertificateSummary.add_member(:revoked_at, Shapes::ShapeRef.new(shape: TStamp, location_name: "RevokedAt"))
     CertificateSummary.struct_class = Types::CertificateSummary
     CertificateSummaryList.member = Shapes::ShapeRef.new(shape: CertificateSummary)
@@ -206,6 +227,8 @@ module Aws::ACM
     ExtendedKeyUsageList.member = Shapes::ShapeRef.new(shape: ExtendedKeyUsage)
+    ExtendedKeyUsageNames.member = Shapes::ShapeRef.new(shape: ExtendedKeyUsageName)
     Filters.add_member(:extended_key_usage, Shapes::ShapeRef.new(shape: ExtendedKeyUsageFilterList, location_name: "extendedKeyUsage"))
     Filters.add_member(:key_usage, Shapes::ShapeRef.new(shape: KeyUsageFilterList, location_name: "keyUsage"))
     Filters.add_member(:key_types, Shapes::ShapeRef.new(shape: KeyAlgorithmList, location_name: "keyTypes"))
@@ -260,6 +283,8 @@ module Aws::ACM
     KeyUsageList.member = Shapes::ShapeRef.new(shape: KeyUsage)
+    KeyUsageNames.member = Shapes::ShapeRef.new(shape: KeyUsageName)
     LimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     LimitExceededException.struct_class = Types::LimitExceededException
@@ -267,6 +292,8 @@ module Aws::ACM
     ListCertificatesRequest.add_member(:includes, Shapes::ShapeRef.new(shape: Filters, location_name: "Includes"))
     ListCertificatesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     ListCertificatesRequest.add_member(:max_items, Shapes::ShapeRef.new(shape: MaxItems, location_name: "MaxItems"))
+    ListCertificatesRequest.add_member(:sort_by, Shapes::ShapeRef.new(shape: SortBy, location_name: "SortBy"))
+    ListCertificatesRequest.add_member(:sort_order, Shapes::ShapeRef.new(shape: SortOrder, location_name: "SortOrder"))
     ListCertificatesRequest.struct_class = Types::ListCertificatesRequest
     ListCertificatesResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))

data/lib/aws-sdk-acm/types.rb CHANGED Viewed

@@ -120,12 +120,27 @@ module Aws::ACM
     #   @return [Time]
     #
     # @!attribute [rw] imported_at
-    #   The date and time at which the certificate was imported. This value
+    #   The date and time when the certificate was imported. This value
     #   exists only when the certificate type is `IMPORTED`.
     #   @return [Time]
     #
     # @!attribute [rw] status
     #   The status of the certificate.
+    #
+    #   A certificate enters status PENDING\_VALIDATION upon being
+    #   requested, unless it fails for any of the reasons given in the
+    #   troubleshooting topic [Certificate request fails][1]. ACM makes
+    #   repeated attempts to validate a certificate for 72 hours and then
+    #   times out. If a certificate shows status FAILED or
+    #   VALIDATION\_TIMED\_OUT, delete the request, correct the issue with
+    #   [DNS validation][2] or [Email validation][3], and try again. If
+    #   validation succeeds, the certificate enters status ISSUED.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
+    #   [3]: https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
     #   @return [String]
     #
     # @!attribute [rw] revoked_at
@@ -163,8 +178,8 @@ module Aws::ACM
     # @!attribute [rw] failure_reason
     #   The reason the certificate request failed. This value exists only
     #   when the certificate status is `FAILED`. For more information, see
-    #   [Certificate Request Failed][1] in the *Amazon Web Services
-    #   Certificate Manager User Guide*.
+    #   [Certificate Request Failed][1] in the *Certificate Manager User
+    #   Guide*.
     #
     #
     #
@@ -178,7 +193,7 @@ module Aws::ACM
     #   provide [managed renewal][1] for imported certificates. For more
     #   information about the differences between certificates that you
     #   import and those that ACM provides, see [Importing Certificates][2]
-    #   in the *Amazon Web Services Certificate Manager User Guide*.
+    #   in the *Certificate Manager User Guide*.
     #
     #
     #
@@ -210,9 +225,8 @@ module Aws::ACM
     #   @return [Array<Types::ExtendedKeyUsage>]
     #
     # @!attribute [rw] certificate_authority_arn
-    #   The Amazon Resource Name (ARN) of the ACM PCA private certificate
-    #   authority (CA) that issued the certificate. This has the following
-    #   format:
+    #   The Amazon Resource Name (ARN) of the private certificate authority
+    #   (CA) that issued the certificate. This has the following format:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #   @return [String]
@@ -319,11 +333,155 @@ module Aws::ACM
     #   example.com, for the certificate.
     #   @return [String]
     #
+    # @!attribute [rw] subject_alternative_name_summaries
+    #   One or more domain names (subject alternative names) included in the
+    #   certificate. This list contains the domain names that are bound to
+    #   the public key that is contained in the certificate. The subject
+    #   alternative names include the canonical domain name (CN) of the
+    #   certificate and additional domain names that can be used to connect
+    #   to the website.
+    #
+    #   When called by [ListCertificates][1], this parameter will only
+    #   return the first 100 subject alternative names included in the
+    #   certificate. To display the full list of subject alternative names,
+    #   use [DescribeCertificate][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html
+    #   [2]: https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] has_additional_subject_alternative_names
+    #   When called by [ListCertificates][1], indicates whether the full
+    #   list of subject alternative names has been included in the response.
+    #   If false, the response includes all of the subject alternative names
+    #   included in the certificate. If true, the response only includes the
+    #   first 100 subject alternative names included in the certificate. To
+    #   display the full list of subject alternative names, use
+    #   [DescribeCertificate][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html
+    #   [2]: https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] status
+    #   The status of the certificate.
+    #
+    #   A certificate enters status PENDING\_VALIDATION upon being
+    #   requested, unless it fails for any of the reasons given in the
+    #   troubleshooting topic [Certificate request fails][1]. ACM makes
+    #   repeated attempts to validate a certificate for 72 hours and then
+    #   times out. If a certificate shows status FAILED or
+    #   VALIDATION\_TIMED\_OUT, delete the request, correct the issue with
+    #   [DNS validation][2] or [Email validation][3], and try again. If
+    #   validation succeeds, the certificate enters status ISSUED.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html
+    #   [3]: https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html
+    #   @return [String]
+    #
+    # @!attribute [rw] type
+    #   The source of the certificate. For certificates provided by ACM,
+    #   this value is `AMAZON_ISSUED`. For certificates that you imported
+    #   with ImportCertificate, this value is `IMPORTED`. ACM does not
+    #   provide [managed renewal][1] for imported certificates. For more
+    #   information about the differences between certificates that you
+    #   import and those that ACM provides, see [Importing Certificates][2]
+    #   in the *Certificate Manager User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
+    #   [2]: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
+    #   @return [String]
+    #
+    # @!attribute [rw] key_algorithm
+    #   The algorithm that was used to generate the public-private key pair.
+    #   @return [String]
+    #
+    # @!attribute [rw] key_usages
+    #   A list of Key Usage X.509 v3 extension objects. Each object is a
+    #   string value that identifies the purpose of the public key contained
+    #   in the certificate. Possible extension values include
+    #   DIGITAL\_SIGNATURE, KEY\_ENCHIPHERMENT, NON\_REPUDIATION, and more.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] extended_key_usages
+    #   Contains a list of Extended Key Usage X.509 v3 extension objects.
+    #   Each object specifies a purpose for which the certificate public key
+    #   can be used and consists of a name and an object identifier (OID).
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] in_use
+    #   Indicates whether the certificate is currently in use by any Amazon
+    #   Web Services resources.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] exported
+    #   Indicates whether the certificate has been exported. This value
+    #   exists only when the certificate type is `PRIVATE`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] renewal_eligibility
+    #   Specifies whether the certificate is eligible for renewal. At this
+    #   time, only exported private certificates can be renewed with the
+    #   RenewCertificate command.
+    #   @return [String]
+    #
+    # @!attribute [rw] not_before
+    #   The time before which the certificate is not valid.
+    #   @return [Time]
+    #
+    # @!attribute [rw] not_after
+    #   The time after which the certificate is not valid.
+    #   @return [Time]
+    #
+    # @!attribute [rw] created_at
+    #   The time at which the certificate was requested.
+    #   @return [Time]
+    #
+    # @!attribute [rw] issued_at
+    #   The time at which the certificate was issued. This value exists only
+    #   when the certificate type is `AMAZON_ISSUED`.
+    #   @return [Time]
+    #
+    # @!attribute [rw] imported_at
+    #   The date and time when the certificate was imported. This value
+    #   exists only when the certificate type is `IMPORTED`.
+    #   @return [Time]
+    #
+    # @!attribute [rw] revoked_at
+    #   The time at which the certificate was revoked. This value exists
+    #   only when the certificate status is `REVOKED`.
+    #   @return [Time]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/CertificateSummary AWS API Documentation
     #
     class CertificateSummary < Struct.new(
       :certificate_arn,
-      :domain_name)
+      :domain_name,
+      :subject_alternative_name_summaries,
+      :has_additional_subject_alternative_names,
+      :status,
+      :type,
+      :key_algorithm,
+      :key_usages,
+      :extended_key_usages,
+      :in_use,
+      :exported,
+      :renewal_eligibility,
+      :not_before,
+      :not_after,
+      :created_at,
+      :issued_at,
+      :imported_at,
+      :revoked_at)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -560,10 +718,17 @@ module Aws::ACM
     #   @return [String]
     #
     # @!attribute [rw] passphrase
-    #   Passphrase to associate with the encrypted exported private key. If
-    #   you want to later decrypt the private key, you must have the
+    #   Passphrase to associate with the encrypted exported private key.
+    #
+    #   <note markdown="1"> When creating your passphrase, you can use any ASCII character
+    #   except #, $, or %.
+    #
+    #    </note>
+    #
+    #   If you want to later decrypt the private key, you must have the
     #   passphrase. You can use the following OpenSSL command to decrypt a
-    #   private key:
+    #   private key. After entering the command, you are prompted for the
+    #   passphrase.
     #
     #   `openssl rsa -in encrypted_key.pem -out decrypted_key.pem`
     #   @return [String]
@@ -671,7 +836,7 @@ module Aws::ACM
     #   certificates that have at least one domain. To return other
     #   certificate types, provide the desired type signatures in a
     #   comma-separated list. For example, `"keyTypes":
-    #   ["RSA_2048,RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
+    #   ["RSA_2048","RSA_4096"]` returns both `RSA_2048` and `RSA_4096`
     #   certificates.
     #   @return [Array<String>]
     #
@@ -940,6 +1105,8 @@ module Aws::ACM
     #         },
     #         next_token: "NextToken",
     #         max_items: 1,
+    #         sort_by: "CREATED_AT", # accepts CREATED_AT
+    #         sort_order: "ASCENDING", # accepts ASCENDING, DESCENDING
     #       }
     #
     # @!attribute [rw] certificate_statuses
@@ -966,13 +1133,25 @@ module Aws::ACM
     #   retrieve additional items.
     #   @return [Integer]
     #
+    # @!attribute [rw] sort_by
+    #   Specifies the field to sort results by. If you specify `SortBy`, you
+    #   must also specify `SortOrder`.
+    #   @return [String]
+    #
+    # @!attribute [rw] sort_order
+    #   Specifies the order of sorted results. If you specify `SortOrder`,
+    #   you must also specify `SortBy`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-2015-12-08/ListCertificatesRequest AWS API Documentation
     #
     class ListCertificatesRequest < Struct.new(
       :certificate_statuses,
       :includes,
       :next_token,
-      :max_items)
+      :max_items,
+      :sort_by,
+      :sort_order)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1218,9 +1397,15 @@ module Aws::ACM
     #   same domain. For example, *.example.com protects www.example.com,
     #   site.example.com, and images.example.com.
     #
-    #   The first domain name you enter cannot exceed 64 octets, including
-    #   periods. Each subsequent Subject Alternative Name (SAN), however,
-    #   can be up to 253 octets in length.
+    #   In compliance with [RFC 5280][1], the length of the domain name
+    #   (technically, the Common Name) that you provide cannot exceed 64
+    #   octets (characters), including periods. To add a longer domain name,
+    #   specify it in the Subject Alternative Name field, which supports
+    #   names up to 253 octets in length.
+    #
+    #
+    #
+    #   [1]: https://datatracker.ietf.org/doc/html/rfc5280
     #   @return [String]
     #
     # @!attribute [rw] validation_method
@@ -1300,9 +1485,8 @@ module Aws::ACM
     #   (CA) that will be used to issue the certificate. If you do not
     #   provide an ARN and you are trying to request a private certificate,
     #   ACM will attempt to issue a public certificate. For more information
-    #   about private CAs, see the [Amazon Web Services Certificate Manager
-    #   Private Certificate Authority (PCA)][1] user guide. The ARN must
-    #   have the following form:
+    #   about private CAs, see the [Certificate Manager Private Certificate
+    #   Authority][1] user guide. The ARN must have the following form:
     #
     #   `arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`
     #

data/lib/aws-sdk-acm.rb CHANGED Viewed

@@ -49,6 +49,6 @@ require_relative 'aws-sdk-acm/customizations'
 # @!group service
 module Aws::ACM
-  GEM_VERSION = '1.51.0'
+  GEM_VERSION = '1.52.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acm
 version: !ruby/object:Gem::Version
-  version: 1.51.0
+  version: 1.52.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-02-24 00:00:00.000000000 Z
+date: 2022-09-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core