aws-sdk-acmpca 1.96.0 → 1.98.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aa8ea74a99c9221f9433bb6e5439c6ddc8bd87e4860b48871dc6af1e1fbcba79
-  data.tar.gz: b075c698404904d8447e7307904396967f988b10a437857b040436e7141d74b4
+  metadata.gz: 4502038d46be05eb09d5216c479ee2b1d6d61df2410a5845e8e627c60552f32e
+  data.tar.gz: 78ec75b229043f5f7fa27a1ea3a7f74fd42ab763a66bddcd4d88b71a5e1593dc
 SHA512:
-  metadata.gz: a97c1b5201d5be340e9724a7048351a63d3ea7930b1ad448fc51b581cc4dbd992ed00427c9eb760f99c3b2cbdf840b9c62f2372a8d6c185255562b900140cbf2
-  data.tar.gz: cf0c762f3fae0082cc162068e0568fb8311a3cbe59833bcbf69e8a315ac6c471a48dabda264d64d47a2ffbc15f60b04952e32ef7f773a869db6f2c3a138162da
+  metadata.gz: 3a8414f6217952627b2d54fd174de65980db66c066f69a620f75551bfd0b715f34ca39ef142b40c4d45c930a2c8ba9cb7ede7695af22da172ad62c0b88f51dd0
+  data.tar.gz: d1e1893b103b99e1a048f28fe3eb8207ed02a6d96ee9bd5e514404ce228264e0dc2ec707c5a0c15c58a500388f117d92e1d6d8b614e0a4f96a95a3a3d714b6ea

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.98.0 (2025-08-04)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.97.0 (2025-08-01)
+------------------
+
+* Feature - Doc-only update to add more information to GetCertificate action.
+
 1.96.0 (2025-07-31)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.96.0
+1.98.0

data/lib/aws-sdk-acmpca/client.rb

@@ -95,8 +95,8 @@ module Aws::ACMPCA
     #     class name or an instance of a plugin class.
     #
     #   @option options [required, Aws::CredentialProvider] :credentials
-    #     Your AWS credentials used for authentication. This can be an instance of any one of the
-    #     following classes:
+    #     Your AWS credentials used for authentication. This can be any class that includes and implements
+    #     `Aws::CredentialProvider`, or instance of any one of the following classes:
     #
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
     #       credentials.
@@ -124,8 +124,7 @@ module Aws::ACMPCA
     #     * `Aws::CognitoIdentityCredentials` - Used for loading credentials
     #       from the Cognito Identity service.
     #
-    #     When `:credentials` are not configured directly, the following
-    #     locations will be searched for credentials:
+    #     When `:credentials` are not configured directly, the following locations will be searched for credentials:
     #
     #     * `Aws.config[:credentials]`
     #
@@ -139,12 +138,10 @@ module Aws::ACMPCA
     #
     #     * `~/.aws/config`
     #
-    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
-    #       are very aggressive. Construct and pass an instance of
-    #       `Aws::InstanceProfileCredentials` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts. Instance profile credential
-    #       fetching can be disabled by setting `ENV['AWS_EC2_METADATA_DISABLED']`
-    #       to `true`.
+    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive.
+    #       Construct and pass an instance of `Aws::InstanceProfileCredentials` or `Aws::ECSCredentials` to
+    #       enable retries and extended timeouts. Instance profile credential fetching can be disabled by
+    #       setting `ENV['AWS_EC2_METADATA_DISABLED']` to `true`.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -384,8 +381,8 @@ module Aws::ACMPCA
     #     `Aws::Telemetry::OTelProvider` for telemetry provider.
     #
     #   @option options [Aws::TokenProvider] :token_provider
-    #     Your Bearer token used for authentication. This can be an instance of any one of the
-    #     following classes:
+    #     Your Bearer token used for authentication. This can be any class that includes and implements
+    #     `Aws::TokenProvider`, or instance of any one of the following classes:
     #
     #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
     #       tokens.
@@ -569,22 +566,22 @@ module Aws::ACMPCA
     #   requesting multiple certificate authorities.
     #
     # @option params [String] :key_storage_security_standard
-    #   Specifies a cryptographic key management compliance standard used for
-    #   handling CA keys.
+    #   Specifies a cryptographic key management compliance standard for
+    #   handling and protecting CA keys.
     #
     #   Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
     #
-    #   <note markdown="1"> Some Amazon Web Services Regions do not support the default. When
-    #   creating a CA in these Regions, you must provide
-    #   `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
-    #   `KeyStorageSecurityStandard`. Failure to do this results in an
-    #   `InvalidArgsException` with the message, "A certificate authority
+    #   <note markdown="1"> Some Amazon Web Services Regions don't support the default value.
+    #   When you create a CA in these Regions, you must use
+    #   `CCPC_LEVEL_1_OR_HIGHER` for the `KeyStorageSecurityStandard`
+    #   parameter. If you don't, the operation returns an
+    #   `InvalidArgsException` with this message: "A certificate authority
     #   cannot be created in this region with the specified security
     #   standard."
     #
-    #    For information about security standard support in various Regions,
-    #   see [Storage and security compliance of Amazon Web Services Private CA
-    #   private keys][1].
+    #    For information about security standard support in different Amazon
+    #   Web Services Regions, see [Storage and security compliance of Amazon
+    #   Web Services Private CA private keys][1].
     #
     #    </note>
     #
@@ -916,6 +913,16 @@ module Aws::ACMPCA
     # state. To restore an eligible CA, call the
     # [RestoreCertificateAuthority][5] action.
     #
+    # A private CA can be deleted if it is in the `PENDING_CERTIFICATE`,
+    # `CREATING`, `EXPIRED`, `DISABLED`, or `FAILED` state. To delete a CA
+    # in the `ACTIVE` state, you must first disable it, or else the delete
+    # request results in an exception. If you are deleting a private CA in
+    # the `PENDING_CERTIFICATE` or `DISABLED` state, you can set the length
+    # of its restoration period to 7-30 days. The default is 30. During this
+    # time, the status is set to `DELETED` and the CA can be restored. A
+    # private CA deleted in the `CREATING` or `FAILED` state has no assigned
+    # restoration period and cannot be restored.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListCertificateAuthorities.html
@@ -1310,7 +1317,7 @@ module Aws::ACMPCA
     # the [IssueCertificate][1] action. You must specify both the ARN of
     # your private CA and the ARN of the issued certificate when calling the
     # **GetCertificate** action. You can retrieve the certificate if it is
-    # in the **ISSUED** state. You can call the
+    # in the **ISSUED**, **EXPIRED**, or **REVOKED** state. You can call the
     # [CreateCertificateAuthorityAuditReport][2] action to create a report
     # that contains information about all of the certificates issued and
     # revoked by your private CA.
@@ -1498,7 +1505,7 @@ module Aws::ACMPCA
     # @option params [required, String] :resource_arn
     #   The Amazon Resource Number (ARN) of the private CA that will have its
     #   policy retrieved. You can find the CA's ARN by calling the
-    #   ListCertificateAuthorities action.      </p>
+    #   ListCertificateAuthorities action.
     #
     # @return [Types::GetPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2706,7 +2713,7 @@ module Aws::ACMPCA
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-acmpca'
-      context[:gem_version] = '1.96.0'
+      context[:gem_version] = '1.98.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-acmpca/client_api.rb

@@ -589,10 +589,10 @@ module Aws::ACMPCA
         o.input = Shapes::ShapeRef.new(shape: CreateCertificateAuthorityAuditReportRequest)
         o.output = Shapes::ShapeRef.new(shape: CreateCertificateAuthorityAuditReportResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArgsException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: RequestInProgressException)
       end)
 
@@ -606,8 +606,8 @@ module Aws::ACMPCA
         o.errors << Shapes::ShapeRef.new(shape: PermissionAlreadyExistsException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
       end)
 
       api.add_operation(:delete_certificate_authority, Seahorse::Model::Operation.new.tap do |o|
@@ -630,8 +630,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
       end)
 
       api.add_operation(:delete_policy, Seahorse::Model::Operation.new.tap do |o|
@@ -643,8 +643,8 @@ module Aws::ACMPCA
         o.errors << Shapes::ShapeRef.new(shape: LockoutPreventedException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
       end)
 
@@ -665,8 +665,8 @@ module Aws::ACMPCA
         o.input = Shapes::ShapeRef.new(shape: DescribeCertificateAuthorityAuditReportRequest)
         o.output = Shapes::ShapeRef.new(shape: DescribeCertificateAuthorityAuditReportResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArgsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
       end)
 
       api.add_operation(:get_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -677,8 +677,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: GetCertificateResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: RequestInProgressException)
       end)
 
@@ -701,8 +701,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: GetCertificateAuthorityCsrResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: RequestInProgressException)
       end)
 
@@ -714,8 +714,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: GetPolicyResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
       end)
 
       api.add_operation(:import_certificate_authority_certificate, Seahorse::Model::Operation.new.tap do |o|
@@ -729,8 +729,8 @@ module Aws::ACMPCA
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
         o.errors << Shapes::ShapeRef.new(shape: RequestInProgressException)
       end)
@@ -743,8 +743,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: IssueCertificateResponse)
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArgsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
         o.errors << Shapes::ShapeRef.new(shape: MalformedCSRException)
       end)
@@ -772,8 +772,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: ListPermissionsResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidNextTokenException)
         o[:pager] = Aws::Pager.new(
           limit_key: "max_results",
@@ -791,8 +791,8 @@ module Aws::ACMPCA
         o.output = Shapes::ShapeRef.new(shape: ListTagsResponse)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o[:pager] = Aws::Pager.new(
           limit_key: "max_results",
           tokens: {
@@ -810,8 +810,8 @@ module Aws::ACMPCA
         o.errors << Shapes::ShapeRef.new(shape: LockoutPreventedException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidPolicyException)
       end)
@@ -838,8 +838,8 @@ module Aws::ACMPCA
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidRequestException)
-        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: RequestFailedException)
         o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
         o.errors << Shapes::ShapeRef.new(shape: RequestInProgressException)
       end)
@@ -876,8 +876,8 @@ module Aws::ACMPCA
         o.input = Shapes::ShapeRef.new(shape: UpdateCertificateAuthorityRequest)
         o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
-        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidArgsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidStateException)
         o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidPolicyException)

data/lib/aws-sdk-acmpca/types.rb

@@ -296,17 +296,24 @@ module Aws::ACMPCA
     #   @return [Time]
     #
     # @!attribute [rw] key_storage_security_standard
-    #   Defines a cryptographic key management compliance standard used for
-    #   handling CA keys.
+    #   Defines a cryptographic key management compliance standard for
+    #   handling and protecting CA keys.
     #
     #   Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
     #
-    #   Note: Amazon Web Services Region ap-northeast-3 supports only
-    #   FIPS\_140\_2\_LEVEL\_2\_OR\_HIGHER. You must explicitly specify this
-    #   parameter and value when creating a CA in that Region. Specifying a
-    #   different value (or no value) results in an `InvalidArgsException`
-    #   with the message "A certificate authority cannot be created in this
-    #   region with the specified security standard."
+    #   <note markdown="1"> Starting January 26, 2023, Amazon Web Services Private CA protects
+    #   all CA private keys in non-China regions using hardware security
+    #   modules (HSMs) that comply with FIPS PUB 140-2 Level 3.
+    #
+    #    For information about security standard support in different Amazon
+    #   Web Services Regions, see [Storage and security compliance of Amazon
+    #   Web Services Private CA private keys][1].
+    #
+    #    </note>
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys
     #   @return [String]
     #
     # @!attribute [rw] usage_mode
@@ -516,22 +523,22 @@ module Aws::ACMPCA
     #   @return [String]
     #
     # @!attribute [rw] key_storage_security_standard
-    #   Specifies a cryptographic key management compliance standard used
-    #   for handling CA keys.
+    #   Specifies a cryptographic key management compliance standard for
+    #   handling and protecting CA keys.
     #
     #   Default: FIPS\_140\_2\_LEVEL\_3\_OR\_HIGHER
     #
-    #   <note markdown="1"> Some Amazon Web Services Regions do not support the default. When
-    #   creating a CA in these Regions, you must provide
-    #   `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for
-    #   `KeyStorageSecurityStandard`. Failure to do this results in an
-    #   `InvalidArgsException` with the message, "A certificate authority
+    #   <note markdown="1"> Some Amazon Web Services Regions don't support the default value.
+    #   When you create a CA in these Regions, you must use
+    #   `CCPC_LEVEL_1_OR_HIGHER` for the `KeyStorageSecurityStandard`
+    #   parameter. If you don't, the operation returns an
+    #   `InvalidArgsException` with this message: "A certificate authority
     #   cannot be created in this region with the specified security
     #   standard."
     #
-    #    For information about security standard support in various Regions,
-    #   see [Storage and security compliance of Amazon Web Services Private
-    #   CA private keys][1].
+    #    For information about security standard support in different Amazon
+    #   Web Services Regions, see [Storage and security compliance of Amazon
+    #   Web Services Private CA private keys][1].
     #
     #    </note>
     #
@@ -1434,7 +1441,7 @@ module Aws::ACMPCA
     # @!attribute [rw] resource_arn
     #   The Amazon Resource Number (ARN) of the private CA that will have
     #   its policy retrieved. You can find the CA's ARN by calling the
-    #   ListCertificateAuthorities action.      </p>
+    #   ListCertificateAuthorities action.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/acm-pca-2017-08-22/GetPolicyRequest AWS API Documentation

data/lib/aws-sdk-acmpca.rb

@@ -55,7 +55,7 @@ module Aws::ACMPCA
   autoload :EndpointProvider, 'aws-sdk-acmpca/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-acmpca/endpoints'
 
-  GEM_VERSION = '1.96.0'
+  GEM_VERSION = '1.98.0'
 
 end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-acmpca
 version: !ruby/object:Gem::Version
-  version: 1.96.0
+  version: 1.98.0
 platform: ruby
 authors:
 - Amazon Web Services