aws-sdk-pcaconnectorscep 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,983 @@
1
+ # frozen_string_literal: true
2
+
3
+ # WARNING ABOUT GENERATED CODE
4
+ #
5
+ # This file is generated. See the contributing guide for more information:
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
+ #
8
+ # WARNING ABOUT GENERATED CODE
9
+
10
+ require 'seahorse/client/plugins/content_length.rb'
11
+ require 'aws-sdk-core/plugins/credentials_configuration.rb'
12
+ require 'aws-sdk-core/plugins/logging.rb'
13
+ require 'aws-sdk-core/plugins/param_converter.rb'
14
+ require 'aws-sdk-core/plugins/param_validator.rb'
15
+ require 'aws-sdk-core/plugins/user_agent.rb'
16
+ require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
17
+ require 'aws-sdk-core/plugins/retry_errors.rb'
18
+ require 'aws-sdk-core/plugins/global_configuration.rb'
19
+ require 'aws-sdk-core/plugins/regional_endpoint.rb'
20
+ require 'aws-sdk-core/plugins/endpoint_discovery.rb'
21
+ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
22
+ require 'aws-sdk-core/plugins/response_paging.rb'
23
+ require 'aws-sdk-core/plugins/stub_responses.rb'
24
+ require 'aws-sdk-core/plugins/idempotency_token.rb'
25
+ require 'aws-sdk-core/plugins/invocation_id.rb'
26
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
27
+ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
28
+ require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
29
+ require 'aws-sdk-core/plugins/transfer_encoding.rb'
30
+ require 'aws-sdk-core/plugins/http_checksum.rb'
31
+ require 'aws-sdk-core/plugins/checksum_algorithm.rb'
32
+ require 'aws-sdk-core/plugins/request_compression.rb'
33
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
34
+ require 'aws-sdk-core/plugins/recursion_detection.rb'
35
+ require 'aws-sdk-core/plugins/sign.rb'
36
+ require 'aws-sdk-core/plugins/protocols/rest_json.rb'
37
+
38
+ Aws::Plugins::GlobalConfiguration.add_identifier(:pcaconnectorscep)
39
+
40
+ module Aws::PcaConnectorScep
41
+ # An API client for PcaConnectorScep. To construct a client, you need to configure a `:region` and `:credentials`.
42
+ #
43
+ # client = Aws::PcaConnectorScep::Client.new(
44
+ # region: region_name,
45
+ # credentials: credentials,
46
+ # # ...
47
+ # )
48
+ #
49
+ # For details on configuring region and credentials see
50
+ # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
51
+ #
52
+ # See {#initialize} for a full list of supported configuration options.
53
+ class Client < Seahorse::Client::Base
54
+
55
+ include Aws::ClientStubs
56
+
57
+ @identifier = :pcaconnectorscep
58
+
59
+ set_api(ClientApi::API)
60
+
61
+ add_plugin(Seahorse::Client::Plugins::ContentLength)
62
+ add_plugin(Aws::Plugins::CredentialsConfiguration)
63
+ add_plugin(Aws::Plugins::Logging)
64
+ add_plugin(Aws::Plugins::ParamConverter)
65
+ add_plugin(Aws::Plugins::ParamValidator)
66
+ add_plugin(Aws::Plugins::UserAgent)
67
+ add_plugin(Aws::Plugins::HelpfulSocketErrors)
68
+ add_plugin(Aws::Plugins::RetryErrors)
69
+ add_plugin(Aws::Plugins::GlobalConfiguration)
70
+ add_plugin(Aws::Plugins::RegionalEndpoint)
71
+ add_plugin(Aws::Plugins::EndpointDiscovery)
72
+ add_plugin(Aws::Plugins::EndpointPattern)
73
+ add_plugin(Aws::Plugins::ResponsePaging)
74
+ add_plugin(Aws::Plugins::StubResponses)
75
+ add_plugin(Aws::Plugins::IdempotencyToken)
76
+ add_plugin(Aws::Plugins::InvocationId)
77
+ add_plugin(Aws::Plugins::JsonvalueConverter)
78
+ add_plugin(Aws::Plugins::ClientMetricsPlugin)
79
+ add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
80
+ add_plugin(Aws::Plugins::TransferEncoding)
81
+ add_plugin(Aws::Plugins::HttpChecksum)
82
+ add_plugin(Aws::Plugins::ChecksumAlgorithm)
83
+ add_plugin(Aws::Plugins::RequestCompression)
84
+ add_plugin(Aws::Plugins::DefaultsMode)
85
+ add_plugin(Aws::Plugins::RecursionDetection)
86
+ add_plugin(Aws::Plugins::Sign)
87
+ add_plugin(Aws::Plugins::Protocols::RestJson)
88
+ add_plugin(Aws::PcaConnectorScep::Plugins::Endpoints)
89
+
90
+ # @overload initialize(options)
91
+ # @param [Hash] options
92
+ # @option options [required, Aws::CredentialProvider] :credentials
93
+ # Your AWS credentials. This can be an instance of any one of the
94
+ # following classes:
95
+ #
96
+ # * `Aws::Credentials` - Used for configuring static, non-refreshing
97
+ # credentials.
98
+ #
99
+ # * `Aws::SharedCredentials` - Used for loading static credentials from a
100
+ # shared file, such as `~/.aws/config`.
101
+ #
102
+ # * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
103
+ #
104
+ # * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
105
+ # assume a role after providing credentials via the web.
106
+ #
107
+ # * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
108
+ # access token generated from `aws login`.
109
+ #
110
+ # * `Aws::ProcessCredentials` - Used for loading credentials from a
111
+ # process that outputs to stdout.
112
+ #
113
+ # * `Aws::InstanceProfileCredentials` - Used for loading credentials
114
+ # from an EC2 IMDS on an EC2 instance.
115
+ #
116
+ # * `Aws::ECSCredentials` - Used for loading credentials from
117
+ # instances running in ECS.
118
+ #
119
+ # * `Aws::CognitoIdentityCredentials` - Used for loading credentials
120
+ # from the Cognito Identity service.
121
+ #
122
+ # When `:credentials` are not configured directly, the following
123
+ # locations will be searched for credentials:
124
+ #
125
+ # * `Aws.config[:credentials]`
126
+ # * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
127
+ # * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
128
+ # * `~/.aws/credentials`
129
+ # * `~/.aws/config`
130
+ # * EC2/ECS IMDS instance profile - When used by default, the timeouts
131
+ # are very aggressive. Construct and pass an instance of
132
+ # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
133
+ # enable retries and extended timeouts. Instance profile credential
134
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
135
+ # to true.
136
+ #
137
+ # @option options [required, String] :region
138
+ # The AWS region to connect to. The configured `:region` is
139
+ # used to determine the service `:endpoint`. When not passed,
140
+ # a default `:region` is searched for in the following locations:
141
+ #
142
+ # * `Aws.config[:region]`
143
+ # * `ENV['AWS_REGION']`
144
+ # * `ENV['AMAZON_REGION']`
145
+ # * `ENV['AWS_DEFAULT_REGION']`
146
+ # * `~/.aws/credentials`
147
+ # * `~/.aws/config`
148
+ #
149
+ # @option options [String] :access_key_id
150
+ #
151
+ # @option options [Boolean] :active_endpoint_cache (false)
152
+ # When set to `true`, a thread polling for endpoints will be running in
153
+ # the background every 60 secs (default). Defaults to `false`.
154
+ #
155
+ # @option options [Boolean] :adaptive_retry_wait_to_fill (true)
156
+ # Used only in `adaptive` retry mode. When true, the request will sleep
157
+ # until there is sufficent client side capacity to retry the request.
158
+ # When false, the request will raise a `RetryCapacityNotAvailableError` and will
159
+ # not retry instead of sleeping.
160
+ #
161
+ # @option options [Boolean] :client_side_monitoring (false)
162
+ # When `true`, client-side metrics will be collected for all API requests from
163
+ # this client.
164
+ #
165
+ # @option options [String] :client_side_monitoring_client_id ("")
166
+ # Allows you to provide an identifier for this client which will be attached to
167
+ # all generated client side metrics. Defaults to an empty string.
168
+ #
169
+ # @option options [String] :client_side_monitoring_host ("127.0.0.1")
170
+ # Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client
171
+ # side monitoring agent is running on, where client metrics will be published via UDP.
172
+ #
173
+ # @option options [Integer] :client_side_monitoring_port (31000)
174
+ # Required for publishing client metrics. The port that the client side monitoring
175
+ # agent is running on, where client metrics will be published via UDP.
176
+ #
177
+ # @option options [Aws::ClientSideMonitoring::Publisher] :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher)
178
+ # Allows you to provide a custom client-side monitoring publisher class. By default,
179
+ # will use the Client Side Monitoring Agent Publisher.
180
+ #
181
+ # @option options [Boolean] :convert_params (true)
182
+ # When `true`, an attempt is made to coerce request parameters into
183
+ # the required types.
184
+ #
185
+ # @option options [Boolean] :correct_clock_skew (true)
186
+ # Used only in `standard` and adaptive retry modes. Specifies whether to apply
187
+ # a clock skew correction and retry requests with skewed client clocks.
188
+ #
189
+ # @option options [String] :defaults_mode ("legacy")
190
+ # See {Aws::DefaultsModeConfiguration} for a list of the
191
+ # accepted modes and the configuration defaults that are included.
192
+ #
193
+ # @option options [Boolean] :disable_host_prefix_injection (false)
194
+ # Set to true to disable SDK automatically adding host prefix
195
+ # to default service endpoint when available.
196
+ #
197
+ # @option options [Boolean] :disable_request_compression (false)
198
+ # When set to 'true' the request body will not be compressed
199
+ # for supported operations.
200
+ #
201
+ # @option options [String, URI::HTTPS, URI::HTTP] :endpoint
202
+ # Normally you should not configure the `:endpoint` option
203
+ # directly. This is normally constructed from the `:region`
204
+ # option. Configuring `:endpoint` is normally reserved for
205
+ # connecting to test or custom endpoints. The endpoint should
206
+ # be a URI formatted like:
207
+ #
208
+ # 'http://example.com'
209
+ # 'https://example.com'
210
+ # 'http://example.com:123'
211
+ #
212
+ #
213
+ # @option options [Integer] :endpoint_cache_max_entries (1000)
214
+ # Used for the maximum size limit of the LRU cache storing endpoints data
215
+ # for endpoint discovery enabled operations. Defaults to 1000.
216
+ #
217
+ # @option options [Integer] :endpoint_cache_max_threads (10)
218
+ # Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.
219
+ #
220
+ # @option options [Integer] :endpoint_cache_poll_interval (60)
221
+ # When :endpoint_discovery and :active_endpoint_cache is enabled,
222
+ # Use this option to config the time interval in seconds for making
223
+ # requests fetching endpoints information. Defaults to 60 sec.
224
+ #
225
+ # @option options [Boolean] :endpoint_discovery (false)
226
+ # When set to `true`, endpoint discovery will be enabled for operations when available.
227
+ #
228
+ # @option options [Boolean] :ignore_configured_endpoint_urls
229
+ # Setting to true disables use of endpoint URLs provided via environment
230
+ # variables and the shared configuration file.
231
+ #
232
+ # @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
233
+ # The log formatter.
234
+ #
235
+ # @option options [Symbol] :log_level (:info)
236
+ # The log level to send messages to the `:logger` at.
237
+ #
238
+ # @option options [Logger] :logger
239
+ # The Logger instance to send log messages to. If this option
240
+ # is not set, logging will be disabled.
241
+ #
242
+ # @option options [Integer] :max_attempts (3)
243
+ # An integer representing the maximum number attempts that will be made for
244
+ # a single request, including the initial attempt. For example,
245
+ # setting this value to 5 will result in a request being retried up to
246
+ # 4 times. Used in `standard` and `adaptive` retry modes.
247
+ #
248
+ # @option options [String] :profile ("default")
249
+ # Used when loading credentials from the shared credentials file
250
+ # at HOME/.aws/credentials. When not specified, 'default' is used.
251
+ #
252
+ # @option options [Integer] :request_min_compression_size_bytes (10240)
253
+ # The minimum size in bytes that triggers compression for request
254
+ # bodies. The value must be non-negative integer value between 0
255
+ # and 10485780 bytes inclusive.
256
+ #
257
+ # @option options [Proc] :retry_backoff
258
+ # A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
259
+ # This option is only used in the `legacy` retry mode.
260
+ #
261
+ # @option options [Float] :retry_base_delay (0.3)
262
+ # The base delay in seconds used by the default backoff function. This option
263
+ # is only used in the `legacy` retry mode.
264
+ #
265
+ # @option options [Symbol] :retry_jitter (:none)
266
+ # A delay randomiser function used by the default backoff function.
267
+ # Some predefined functions can be referenced by name - :none, :equal, :full,
268
+ # otherwise a Proc that takes and returns a number. This option is only used
269
+ # in the `legacy` retry mode.
270
+ #
271
+ # @see https://www.awsarchitectureblog.com/2015/03/backoff.html
272
+ #
273
+ # @option options [Integer] :retry_limit (3)
274
+ # The maximum number of times to retry failed requests. Only
275
+ # ~ 500 level server errors and certain ~ 400 level client errors
276
+ # are retried. Generally, these are throttling errors, data
277
+ # checksum errors, networking errors, timeout errors, auth errors,
278
+ # endpoint discovery, and errors from expired credentials.
279
+ # This option is only used in the `legacy` retry mode.
280
+ #
281
+ # @option options [Integer] :retry_max_delay (0)
282
+ # The maximum number of seconds to delay between retries (0 for no limit)
283
+ # used by the default backoff function. This option is only used in the
284
+ # `legacy` retry mode.
285
+ #
286
+ # @option options [String] :retry_mode ("legacy")
287
+ # Specifies which retry algorithm to use. Values are:
288
+ #
289
+ # * `legacy` - The pre-existing retry behavior. This is default value if
290
+ # no retry mode is provided.
291
+ #
292
+ # * `standard` - A standardized set of retry rules across the AWS SDKs.
293
+ # This includes support for retry quotas, which limit the number of
294
+ # unsuccessful retries a client can make.
295
+ #
296
+ # * `adaptive` - An experimental retry mode that includes all the
297
+ # functionality of `standard` mode along with automatic client side
298
+ # throttling. This is a provisional mode that may change behavior
299
+ # in the future.
300
+ #
301
+ #
302
+ # @option options [String] :sdk_ua_app_id
303
+ # A unique and opaque application ID that is appended to the
304
+ # User-Agent header as app/sdk_ua_app_id. It should have a
305
+ # maximum length of 50. This variable is sourced from environment
306
+ # variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id.
307
+ #
308
+ # @option options [String] :secret_access_key
309
+ #
310
+ # @option options [String] :session_token
311
+ #
312
+ # @option options [Boolean] :stub_responses (false)
313
+ # Causes the client to return stubbed responses. By default
314
+ # fake responses are generated and returned. You can specify
315
+ # the response data to return or errors to raise by calling
316
+ # {ClientStubs#stub_responses}. See {ClientStubs} for more information.
317
+ #
318
+ # ** Please note ** When response stubbing is enabled, no HTTP
319
+ # requests are made, and retries are disabled.
320
+ #
321
+ # @option options [Aws::TokenProvider] :token_provider
322
+ # A Bearer Token Provider. This can be an instance of any one of the
323
+ # following classes:
324
+ #
325
+ # * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
326
+ # tokens.
327
+ #
328
+ # * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
329
+ # access token generated from `aws login`.
330
+ #
331
+ # When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
332
+ # will be used to search for tokens configured for your profile in shared configuration files.
333
+ #
334
+ # @option options [Boolean] :use_dualstack_endpoint
335
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
336
+ # will be used if available.
337
+ #
338
+ # @option options [Boolean] :use_fips_endpoint
339
+ # When set to `true`, fips compatible endpoints will be used if available.
340
+ # When a `fips` region is used, the region is normalized and this config
341
+ # is set to `true`.
342
+ #
343
+ # @option options [Boolean] :validate_params (true)
344
+ # When `true`, request parameters are validated before
345
+ # sending the request.
346
+ #
347
+ # @option options [Aws::PcaConnectorScep::EndpointProvider] :endpoint_provider
348
+ # The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::PcaConnectorScep::EndpointParameters`
349
+ #
350
+ # @option options [Float] :http_continue_timeout (1)
351
+ # The number of seconds to wait for a 100-continue response before sending the
352
+ # request body. This option has no effect unless the request has "Expect"
353
+ # header set to "100-continue". Defaults to `nil` which disables this
354
+ # behaviour. This value can safely be set per request on the session.
355
+ #
356
+ # @option options [Float] :http_idle_timeout (5)
357
+ # The number of seconds a connection is allowed to sit idle before it
358
+ # is considered stale. Stale connections are closed and removed from the
359
+ # pool before making a request.
360
+ #
361
+ # @option options [Float] :http_open_timeout (15)
362
+ # The default number of seconds to wait for response data.
363
+ # This value can safely be set per-request on the session.
364
+ #
365
+ # @option options [URI::HTTP,String] :http_proxy
366
+ # A proxy to send requests through. Formatted like 'http://proxy.com:123'.
367
+ #
368
+ # @option options [Float] :http_read_timeout (60)
369
+ # The default number of seconds to wait for response data.
370
+ # This value can safely be set per-request on the session.
371
+ #
372
+ # @option options [Boolean] :http_wire_trace (false)
373
+ # When `true`, HTTP debug output will be sent to the `:logger`.
374
+ #
375
+ # @option options [Proc] :on_chunk_received
376
+ # When a Proc object is provided, it will be used as callback when each chunk
377
+ # of the response body is received. It provides three arguments: the chunk,
378
+ # the number of bytes received, and the total number of
379
+ # bytes in the response (or nil if the server did not send a `content-length`).
380
+ #
381
+ # @option options [Proc] :on_chunk_sent
382
+ # When a Proc object is provided, it will be used as callback when each chunk
383
+ # of the request body is sent. It provides three arguments: the chunk,
384
+ # the number of bytes read from the body, and the total number of
385
+ # bytes in the body.
386
+ #
387
+ # @option options [Boolean] :raise_response_errors (true)
388
+ # When `true`, response errors are raised.
389
+ #
390
+ # @option options [String] :ssl_ca_bundle
391
+ # Full path to the SSL certificate authority bundle file that should be used when
392
+ # verifying peer certificates. If you do not pass `:ssl_ca_bundle` or
393
+ # `:ssl_ca_directory` the the system default will be used if available.
394
+ #
395
+ # @option options [String] :ssl_ca_directory
396
+ # Full path of the directory that contains the unbundled SSL certificate
397
+ # authority files for verifying peer certificates. If you do
398
+ # not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
399
+ # default will be used if available.
400
+ #
401
+ # @option options [String] :ssl_ca_store
402
+ # Sets the X509::Store to verify peer certificate.
403
+ #
404
+ # @option options [Float] :ssl_timeout
405
+ # Sets the SSL timeout in seconds
406
+ #
407
+ # @option options [Boolean] :ssl_verify_peer (true)
408
+ # When `true`, SSL peer certificates are verified when establishing a connection.
409
+ #
410
+ def initialize(*args)
411
+ super
412
+ end
413
+
414
+ # @!group API Operations
415
+
416
+ # For general-purpose connectors. Creates a *challenge password* for the
417
+ # specified connector. The SCEP protocol uses a challenge password to
418
+ # authenticate a request before issuing a certificate from a certificate
419
+ # authority (CA). Your SCEP clients include the challenge password as
420
+ # part of their certificate request to Connector for SCEP. To retrieve
421
+ # the connector Amazon Resource Names (ARNs) for the connectors in your
422
+ # account, call [ListConnectors][1].
423
+ #
424
+ # To create additional challenge passwords for the connector, call
425
+ # `CreateChallenge` again. We recommend frequently rotating your
426
+ # challenge passwords.
427
+ #
428
+ #
429
+ #
430
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_ListConnectors.html
431
+ #
432
+ # @option params [required, String] :connector_arn
433
+ # The Amazon Resource Name (ARN) of the connector that you want to
434
+ # create a challenge for.
435
+ #
436
+ # @option params [String] :client_token
437
+ # Custom string that can be used to distinguish between calls to the
438
+ # [CreateChallenge][1] action. Client tokens for `CreateChallenge` time
439
+ # out after five minutes. Therefore, if you call `CreateChallenge`
440
+ # multiple times with the same client token within five minutes,
441
+ # Connector for SCEP recognizes that you are requesting only one
442
+ # challenge and will only respond with one. If you change the client
443
+ # token for each call, Connector for SCEP recognizes that you are
444
+ # requesting multiple challenge passwords.
445
+ #
446
+ # **A suitable default value is auto-generated.** You should normally
447
+ # not need to pass this option.**
448
+ #
449
+ #
450
+ #
451
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_CreateChallenge.html
452
+ #
453
+ # @option params [Hash<String,String>] :tags
454
+ # The key-value pairs to associate with the resource.
455
+ #
456
+ # @return [Types::CreateChallengeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
457
+ #
458
+ # * {Types::CreateChallengeResponse#challenge #challenge} => Types::Challenge
459
+ #
460
+ # @example Request syntax with placeholder values
461
+ #
462
+ # resp = client.create_challenge({
463
+ # connector_arn: "ConnectorArn", # required
464
+ # client_token: "ClientToken",
465
+ # tags: {
466
+ # "String" => "String",
467
+ # },
468
+ # })
469
+ #
470
+ # @example Response structure
471
+ #
472
+ # resp.challenge.arn #=> String
473
+ # resp.challenge.connector_arn #=> String
474
+ # resp.challenge.created_at #=> Time
475
+ # resp.challenge.updated_at #=> Time
476
+ # resp.challenge.password #=> String
477
+ #
478
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/CreateChallenge AWS API Documentation
479
+ #
480
+ # @overload create_challenge(params = {})
481
+ # @param [Hash] params ({})
482
+ def create_challenge(params = {}, options = {})
483
+ req = build_request(:create_challenge, params)
484
+ req.send_request(options)
485
+ end
486
+
487
+ # Creates a SCEP connector. A SCEP connector links Amazon Web Services
488
+ # Private Certificate Authority to your SCEP-compatible devices and
489
+ # mobile device management (MDM) systems. Before you create a connector,
490
+ # you must complete a set of prerequisites, including creation of a
491
+ # private certificate authority (CA) to use with this connector. For
492
+ # more information, see [Connector for SCEP prerequisites][1].
493
+ #
494
+ #
495
+ #
496
+ # [1]: https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-prerequisites.html
497
+ #
498
+ # @option params [required, String] :certificate_authority_arn
499
+ # The Amazon Resource Name (ARN) of the Amazon Web Services Private
500
+ # Certificate Authority certificate authority to use with this
501
+ # connector. Due to security vulnerabilities present in the SCEP
502
+ # protocol, we recommend using a private CA that's dedicated for use
503
+ # with the connector.
504
+ #
505
+ # To retrieve the private CAs associated with your account, you can call
506
+ # [ListCertificateAuthorities][1] using the Amazon Web Services Private
507
+ # CA API.
508
+ #
509
+ #
510
+ #
511
+ # [1]: https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListCertificateAuthorities.html
512
+ #
513
+ # @option params [Types::MobileDeviceManagement] :mobile_device_management
514
+ # If you don't supply a value, by default Connector for SCEP creates a
515
+ # connector for general-purpose use. A general-purpose connector is
516
+ # designed to work with clients or endpoints that support the SCEP
517
+ # protocol, except Connector for SCEP for Microsoft Intune. With
518
+ # connectors for general-purpose use, you manage SCEP challenge
519
+ # passwords using Connector for SCEP. For information about
520
+ # considerations and limitations with using Connector for SCEP, see
521
+ # [Considerations and Limitations][1].
522
+ #
523
+ # If you provide an `IntuneConfiguration`, Connector for SCEP creates a
524
+ # connector for use with Microsoft Intune, and you manage the challenge
525
+ # passwords using Microsoft Intune. For more information, see [Using
526
+ # Connector for SCEP for Microsoft Intune][2].
527
+ #
528
+ #
529
+ #
530
+ # [1]: https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlc4scep-considerations-limitations.html
531
+ # [2]: https://docs.aws.amazon.com/privateca/latest/userguide/scep-connector.htmlconnector-for-scep-intune.html
532
+ #
533
+ # @option params [String] :client_token
534
+ # Custom string that can be used to distinguish between calls to the
535
+ # [CreateChallenge][1] action. Client tokens for `CreateChallenge` time
536
+ # out after five minutes. Therefore, if you call `CreateChallenge`
537
+ # multiple times with the same client token within five minutes,
538
+ # Connector for SCEP recognizes that you are requesting only one
539
+ # challenge and will only respond with one. If you change the client
540
+ # token for each call, Connector for SCEP recognizes that you are
541
+ # requesting multiple challenge passwords.
542
+ #
543
+ # **A suitable default value is auto-generated.** You should normally
544
+ # not need to pass this option.**
545
+ #
546
+ #
547
+ #
548
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_CreateChallenge.html
549
+ #
550
+ # @option params [Hash<String,String>] :tags
551
+ # The key-value pairs to associate with the resource.
552
+ #
553
+ # @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
554
+ #
555
+ # * {Types::CreateConnectorResponse#connector_arn #connector_arn} => String
556
+ #
557
+ # @example Request syntax with placeholder values
558
+ #
559
+ # resp = client.create_connector({
560
+ # certificate_authority_arn: "CertificateAuthorityArn", # required
561
+ # mobile_device_management: {
562
+ # intune: {
563
+ # azure_application_id: "AzureApplicationId", # required
564
+ # domain: "AzureDomain", # required
565
+ # },
566
+ # },
567
+ # client_token: "ClientToken",
568
+ # tags: {
569
+ # "String" => "String",
570
+ # },
571
+ # })
572
+ #
573
+ # @example Response structure
574
+ #
575
+ # resp.connector_arn #=> String
576
+ #
577
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/CreateConnector AWS API Documentation
578
+ #
579
+ # @overload create_connector(params = {})
580
+ # @param [Hash] params ({})
581
+ def create_connector(params = {}, options = {})
582
+ req = build_request(:create_connector, params)
583
+ req.send_request(options)
584
+ end
585
+
586
+ # Deletes the specified [Challenge][1].
587
+ #
588
+ #
589
+ #
590
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Challenge.html
591
+ #
592
+ # @option params [required, String] :challenge_arn
593
+ # The Amazon Resource Name (ARN) of the challenge password to delete.
594
+ #
595
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
596
+ #
597
+ # @example Request syntax with placeholder values
598
+ #
599
+ # resp = client.delete_challenge({
600
+ # challenge_arn: "ChallengeArn", # required
601
+ # })
602
+ #
603
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/DeleteChallenge AWS API Documentation
604
+ #
605
+ # @overload delete_challenge(params = {})
606
+ # @param [Hash] params ({})
607
+ def delete_challenge(params = {}, options = {})
608
+ req = build_request(:delete_challenge, params)
609
+ req.send_request(options)
610
+ end
611
+
612
+ # Deletes the specified [Connector][1]. This operation also deletes any
613
+ # challenges associated with the connector.
614
+ #
615
+ #
616
+ #
617
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Connector.html
618
+ #
619
+ # @option params [required, String] :connector_arn
620
+ # The Amazon Resource Name (ARN) of the connector to delete.
621
+ #
622
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
623
+ #
624
+ # @example Request syntax with placeholder values
625
+ #
626
+ # resp = client.delete_connector({
627
+ # connector_arn: "ConnectorArn", # required
628
+ # })
629
+ #
630
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/DeleteConnector AWS API Documentation
631
+ #
632
+ # @overload delete_connector(params = {})
633
+ # @param [Hash] params ({})
634
+ def delete_connector(params = {}, options = {})
635
+ req = build_request(:delete_connector, params)
636
+ req.send_request(options)
637
+ end
638
+
639
+ # Retrieves the metadata for the specified [Challenge][1].
640
+ #
641
+ #
642
+ #
643
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Challenge.html
644
+ #
645
+ # @option params [required, String] :challenge_arn
646
+ # The Amazon Resource Name (ARN) of the challenge.
647
+ #
648
+ # @return [Types::GetChallengeMetadataResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
649
+ #
650
+ # * {Types::GetChallengeMetadataResponse#challenge_metadata #challenge_metadata} => Types::ChallengeMetadata
651
+ #
652
+ # @example Request syntax with placeholder values
653
+ #
654
+ # resp = client.get_challenge_metadata({
655
+ # challenge_arn: "ChallengeArn", # required
656
+ # })
657
+ #
658
+ # @example Response structure
659
+ #
660
+ # resp.challenge_metadata.arn #=> String
661
+ # resp.challenge_metadata.connector_arn #=> String
662
+ # resp.challenge_metadata.created_at #=> Time
663
+ # resp.challenge_metadata.updated_at #=> Time
664
+ #
665
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/GetChallengeMetadata AWS API Documentation
666
+ #
667
+ # @overload get_challenge_metadata(params = {})
668
+ # @param [Hash] params ({})
669
+ def get_challenge_metadata(params = {}, options = {})
670
+ req = build_request(:get_challenge_metadata, params)
671
+ req.send_request(options)
672
+ end
673
+
674
+ # Retrieves the challenge password for the specified [Challenge][1].
675
+ #
676
+ #
677
+ #
678
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Challenge.html
679
+ #
680
+ # @option params [required, String] :challenge_arn
681
+ # The Amazon Resource Name (ARN) of the challenge.
682
+ #
683
+ # @return [Types::GetChallengePasswordResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
684
+ #
685
+ # * {Types::GetChallengePasswordResponse#password #password} => String
686
+ #
687
+ # @example Request syntax with placeholder values
688
+ #
689
+ # resp = client.get_challenge_password({
690
+ # challenge_arn: "ChallengeArn", # required
691
+ # })
692
+ #
693
+ # @example Response structure
694
+ #
695
+ # resp.password #=> String
696
+ #
697
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/GetChallengePassword AWS API Documentation
698
+ #
699
+ # @overload get_challenge_password(params = {})
700
+ # @param [Hash] params ({})
701
+ def get_challenge_password(params = {}, options = {})
702
+ req = build_request(:get_challenge_password, params)
703
+ req.send_request(options)
704
+ end
705
+
706
+ # Retrieves details about the specified [Connector][1]. Calling this
707
+ # action returns important details about the connector, such as the
708
+ # public SCEP URL where your clients can request certificates.
709
+ #
710
+ #
711
+ #
712
+ # [1]: https://docs.aws.amazon.com/C4SCEP_API/pca-connector-scep/latest/APIReference/API_Connector.html
713
+ #
714
+ # @option params [required, String] :connector_arn
715
+ # The Amazon Resource Name (ARN) of the connector.
716
+ #
717
+ # @return [Types::GetConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
718
+ #
719
+ # * {Types::GetConnectorResponse#connector #connector} => Types::Connector
720
+ #
721
+ # @example Request syntax with placeholder values
722
+ #
723
+ # resp = client.get_connector({
724
+ # connector_arn: "ConnectorArn", # required
725
+ # })
726
+ #
727
+ # @example Response structure
728
+ #
729
+ # resp.connector.arn #=> String
730
+ # resp.connector.certificate_authority_arn #=> String
731
+ # resp.connector.type #=> String, one of "GENERAL_PURPOSE", "INTUNE"
732
+ # resp.connector.mobile_device_management.intune.azure_application_id #=> String
733
+ # resp.connector.mobile_device_management.intune.domain #=> String
734
+ # resp.connector.open_id_configuration.issuer #=> String
735
+ # resp.connector.open_id_configuration.subject #=> String
736
+ # resp.connector.open_id_configuration.audience #=> String
737
+ # resp.connector.status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED"
738
+ # resp.connector.status_reason #=> String, one of "INTERNAL_FAILURE", "PRIVATECA_ACCESS_DENIED", "PRIVATECA_INVALID_STATE", "PRIVATECA_RESOURCE_NOT_FOUND"
739
+ # resp.connector.endpoint #=> String
740
+ # resp.connector.created_at #=> Time
741
+ # resp.connector.updated_at #=> Time
742
+ #
743
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/GetConnector AWS API Documentation
744
+ #
745
+ # @overload get_connector(params = {})
746
+ # @param [Hash] params ({})
747
+ def get_connector(params = {}, options = {})
748
+ req = build_request(:get_connector, params)
749
+ req.send_request(options)
750
+ end
751
+
752
+ # Retrieves the challenge metadata for the specified ARN.
753
+ #
754
+ # @option params [Integer] :max_results
755
+ # The maximum number of objects that you want Connector for SCEP to
756
+ # return for this request. If more objects are available, in the
757
+ # response, Connector for SCEP provides a `NextToken` value that you can
758
+ # use in a subsequent call to get the next batch of objects.
759
+ #
760
+ # @option params [String] :next_token
761
+ # When you request a list of objects with a `MaxResults` setting, if the
762
+ # number of objects that are still available for retrieval exceeds the
763
+ # maximum you requested, Connector for SCEP returns a `NextToken` value
764
+ # in the response. To retrieve the next batch of objects, use the token
765
+ # returned from the prior request in your next request.
766
+ #
767
+ # @option params [required, String] :connector_arn
768
+ # The Amazon Resource Name (ARN) of the connector.
769
+ #
770
+ # @return [Types::ListChallengeMetadataResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
771
+ #
772
+ # * {Types::ListChallengeMetadataResponse#challenges #challenges} => Array&lt;Types::ChallengeMetadataSummary&gt;
773
+ # * {Types::ListChallengeMetadataResponse#next_token #next_token} => String
774
+ #
775
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
776
+ #
777
+ # @example Request syntax with placeholder values
778
+ #
779
+ # resp = client.list_challenge_metadata({
780
+ # max_results: 1,
781
+ # next_token: "NextToken",
782
+ # connector_arn: "ConnectorArn", # required
783
+ # })
784
+ #
785
+ # @example Response structure
786
+ #
787
+ # resp.challenges #=> Array
788
+ # resp.challenges[0].arn #=> String
789
+ # resp.challenges[0].connector_arn #=> String
790
+ # resp.challenges[0].created_at #=> Time
791
+ # resp.challenges[0].updated_at #=> Time
792
+ # resp.next_token #=> String
793
+ #
794
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/ListChallengeMetadata AWS API Documentation
795
+ #
796
+ # @overload list_challenge_metadata(params = {})
797
+ # @param [Hash] params ({})
798
+ def list_challenge_metadata(params = {}, options = {})
799
+ req = build_request(:list_challenge_metadata, params)
800
+ req.send_request(options)
801
+ end
802
+
803
+ # Lists the connectors belonging to your Amazon Web Services account.
804
+ #
805
+ # @option params [Integer] :max_results
806
+ # The maximum number of objects that you want Connector for SCEP to
807
+ # return for this request. If more objects are available, in the
808
+ # response, Connector for SCEP provides a `NextToken` value that you can
809
+ # use in a subsequent call to get the next batch of objects.
810
+ #
811
+ # @option params [String] :next_token
812
+ # When you request a list of objects with a `MaxResults` setting, if the
813
+ # number of objects that are still available for retrieval exceeds the
814
+ # maximum you requested, Connector for SCEP returns a `NextToken` value
815
+ # in the response. To retrieve the next batch of objects, use the token
816
+ # returned from the prior request in your next request.
817
+ #
818
+ # @return [Types::ListConnectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
819
+ #
820
+ # * {Types::ListConnectorsResponse#connectors #connectors} => Array&lt;Types::ConnectorSummary&gt;
821
+ # * {Types::ListConnectorsResponse#next_token #next_token} => String
822
+ #
823
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
824
+ #
825
+ # @example Request syntax with placeholder values
826
+ #
827
+ # resp = client.list_connectors({
828
+ # max_results: 1,
829
+ # next_token: "NextToken",
830
+ # })
831
+ #
832
+ # @example Response structure
833
+ #
834
+ # resp.connectors #=> Array
835
+ # resp.connectors[0].arn #=> String
836
+ # resp.connectors[0].certificate_authority_arn #=> String
837
+ # resp.connectors[0].type #=> String, one of "GENERAL_PURPOSE", "INTUNE"
838
+ # resp.connectors[0].mobile_device_management.intune.azure_application_id #=> String
839
+ # resp.connectors[0].mobile_device_management.intune.domain #=> String
840
+ # resp.connectors[0].open_id_configuration.issuer #=> String
841
+ # resp.connectors[0].open_id_configuration.subject #=> String
842
+ # resp.connectors[0].open_id_configuration.audience #=> String
843
+ # resp.connectors[0].status #=> String, one of "CREATING", "ACTIVE", "DELETING", "FAILED"
844
+ # resp.connectors[0].status_reason #=> String, one of "INTERNAL_FAILURE", "PRIVATECA_ACCESS_DENIED", "PRIVATECA_INVALID_STATE", "PRIVATECA_RESOURCE_NOT_FOUND"
845
+ # resp.connectors[0].endpoint #=> String
846
+ # resp.connectors[0].created_at #=> Time
847
+ # resp.connectors[0].updated_at #=> Time
848
+ # resp.next_token #=> String
849
+ #
850
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/ListConnectors AWS API Documentation
851
+ #
852
+ # @overload list_connectors(params = {})
853
+ # @param [Hash] params ({})
854
+ def list_connectors(params = {}, options = {})
855
+ req = build_request(:list_connectors, params)
856
+ req.send_request(options)
857
+ end
858
+
859
+ # Retrieves the tags associated with the specified resource. Tags are
860
+ # key-value pairs that you can use to categorize and manage your
861
+ # resources, for purposes like billing. For example, you might set the
862
+ # tag key to "customer" and the value to the customer name or ID. You
863
+ # can specify one or more tags to add to each Amazon Web Services
864
+ # resource, up to 50 tags for a resource.
865
+ #
866
+ # @option params [required, String] :resource_arn
867
+ # The Amazon Resource Name (ARN) of the resource.
868
+ #
869
+ # @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
870
+ #
871
+ # * {Types::ListTagsForResourceResponse#tags #tags} => Hash&lt;String,String&gt;
872
+ #
873
+ # @example Request syntax with placeholder values
874
+ #
875
+ # resp = client.list_tags_for_resource({
876
+ # resource_arn: "String", # required
877
+ # })
878
+ #
879
+ # @example Response structure
880
+ #
881
+ # resp.tags #=> Hash
882
+ # resp.tags["String"] #=> String
883
+ #
884
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/ListTagsForResource AWS API Documentation
885
+ #
886
+ # @overload list_tags_for_resource(params = {})
887
+ # @param [Hash] params ({})
888
+ def list_tags_for_resource(params = {}, options = {})
889
+ req = build_request(:list_tags_for_resource, params)
890
+ req.send_request(options)
891
+ end
892
+
893
+ # Adds one or more tags to your resource.
894
+ #
895
+ # @option params [required, String] :resource_arn
896
+ # The Amazon Resource Name (ARN) of the resource.
897
+ #
898
+ # @option params [required, Hash<String,String>] :tags
899
+ # The key-value pairs to associate with the resource.
900
+ #
901
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
902
+ #
903
+ # @example Request syntax with placeholder values
904
+ #
905
+ # resp = client.tag_resource({
906
+ # resource_arn: "String", # required
907
+ # tags: { # required
908
+ # "String" => "String",
909
+ # },
910
+ # })
911
+ #
912
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/TagResource AWS API Documentation
913
+ #
914
+ # @overload tag_resource(params = {})
915
+ # @param [Hash] params ({})
916
+ def tag_resource(params = {}, options = {})
917
+ req = build_request(:tag_resource, params)
918
+ req.send_request(options)
919
+ end
920
+
921
+ # Removes one or more tags from your resource.
922
+ #
923
+ # @option params [required, String] :resource_arn
924
+ # The Amazon Resource Name (ARN) of the resource.
925
+ #
926
+ # @option params [required, Array<String>] :tag_keys
927
+ # Specifies a list of tag keys that you want to remove from the
928
+ # specified resources.
929
+ #
930
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
931
+ #
932
+ # @example Request syntax with placeholder values
933
+ #
934
+ # resp = client.untag_resource({
935
+ # resource_arn: "String", # required
936
+ # tag_keys: ["String"], # required
937
+ # })
938
+ #
939
+ # @see http://docs.aws.amazon.com/goto/WebAPI/pca-connector-scep-2018-05-10/UntagResource AWS API Documentation
940
+ #
941
+ # @overload untag_resource(params = {})
942
+ # @param [Hash] params ({})
943
+ def untag_resource(params = {}, options = {})
944
+ req = build_request(:untag_resource, params)
945
+ req.send_request(options)
946
+ end
947
+
948
+ # @!endgroup
949
+
950
+ # @param params ({})
951
+ # @api private
952
+ def build_request(operation_name, params = {})
953
+ handlers = @handlers.for(operation_name)
954
+ context = Seahorse::Client::RequestContext.new(
955
+ operation_name: operation_name,
956
+ operation: config.api.operation(operation_name),
957
+ client: self,
958
+ params: params,
959
+ config: config)
960
+ context[:gem_name] = 'aws-sdk-pcaconnectorscep'
961
+ context[:gem_version] = '1.0.0'
962
+ Seahorse::Client::Request.new(handlers, context)
963
+ end
964
+
965
+ # @api private
966
+ # @deprecated
967
+ def waiter_names
968
+ []
969
+ end
970
+
971
+ class << self
972
+
973
+ # @api private
974
+ attr_reader :identifier
975
+
976
+ # @api private
977
+ def errors_module
978
+ Errors
979
+ end
980
+
981
+ end
982
+ end
983
+ end