aws-sdk-rolesanywhere 1.2.0 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-rolesanywhere/client.rb +227 -84
- data/lib/aws-sdk-rolesanywhere/client_api.rb +78 -1
- data/lib/aws-sdk-rolesanywhere/endpoint_provider.rb +27 -24
- data/lib/aws-sdk-rolesanywhere/endpoints.rb +28 -0
- data/lib/aws-sdk-rolesanywhere/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-rolesanywhere/types.rb +217 -90
- data/lib/aws-sdk-rolesanywhere.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 0dd957849de81415b8eaf1b6a444752bfb62a17d5ef814399060bb115fe570d0
|
4
|
+
data.tar.gz: 05b21627a3bd36076b0daa3b2561ac172f998b7c728ef0ef81106c6f6eeb27de
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3acd1434dfc0c49f1117fa979ce7f47002fbc78d14d876b3c90788420f18e74f9273a49b731ab1b65dd3493a22f6471b5c3fa51a3b9873897a2f23c934b4eb5e
|
7
|
+
data.tar.gz: 331356edcf235ea08c2921b24f40742c9b40dcf7c0b88ffa6fc2b9b2acee12eb372238a908844e63e4e79acc2c033a2745349d0a0cbc0c1a4bb526e4441939bf
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,16 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.4.0 (2023-05-31)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
8
|
+
|
9
|
+
1.3.0 (2023-05-15)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Adds support for custom notification settings in a trust anchor. Introduces PutNotificationSettings and ResetNotificationSettings API's. Updates DurationSeconds max value to 3600.
|
13
|
+
|
4
14
|
1.2.0 (2023-01-18)
|
5
15
|
------------------
|
6
16
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.4.0
|
@@ -275,6 +275,11 @@ module Aws::RolesAnywhere
|
|
275
275
|
# in the future.
|
276
276
|
#
|
277
277
|
#
|
278
|
+
# @option options [String] :sdk_ua_app_id
|
279
|
+
# A unique and opaque application ID that is appended to the
|
280
|
+
# User-Agent header as app/<sdk_ua_app_id>. It should have a
|
281
|
+
# maximum length of 50.
|
282
|
+
#
|
278
283
|
# @option options [String] :secret_access_key
|
279
284
|
#
|
280
285
|
# @option options [String] :session_token
|
@@ -368,10 +373,9 @@ module Aws::RolesAnywhere
|
|
368
373
|
|
369
374
|
# @!group API Operations
|
370
375
|
|
371
|
-
# Creates a profile
|
372
|
-
#
|
373
|
-
#
|
374
|
-
# policies.
|
376
|
+
# Creates a *profile*, a list of the roles that Roles Anywhere service
|
377
|
+
# is trusted to assume. You use profiles to intersect permissions with
|
378
|
+
# IAM managed policies.
|
375
379
|
#
|
376
380
|
# <b>Required permissions: </b> `rolesanywhere:CreateProfile`.
|
377
381
|
#
|
@@ -389,20 +393,12 @@ module Aws::RolesAnywhere
|
|
389
393
|
# The name of the profile.
|
390
394
|
#
|
391
395
|
# @option params [Boolean] :require_instance_properties
|
392
|
-
# Specifies whether instance properties are required in
|
393
|
-
#
|
394
|
-
#
|
395
|
-
#
|
396
|
-
#
|
397
|
-
# [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
|
396
|
+
# Specifies whether instance properties are required in temporary
|
397
|
+
# credential requests with this profile.
|
398
398
|
#
|
399
399
|
# @option params [required, Array<String>] :role_arns
|
400
|
-
# A list of IAM roles that this profile can assume in a
|
401
|
-
#
|
402
|
-
#
|
403
|
-
#
|
404
|
-
#
|
405
|
-
# [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
|
400
|
+
# A list of IAM roles that this profile can assume in a temporary
|
401
|
+
# credential request.
|
406
402
|
#
|
407
403
|
# @option params [String] :session_policy
|
408
404
|
# A session policy that applies to the trust boundary of the vended
|
@@ -459,14 +455,12 @@ module Aws::RolesAnywhere
|
|
459
455
|
req.send_request(options)
|
460
456
|
end
|
461
457
|
|
462
|
-
# Creates a trust anchor
|
463
|
-
# and your certificate authority (CA)
|
464
|
-
#
|
465
|
-
#
|
466
|
-
#
|
467
|
-
#
|
468
|
-
# trusted Certificate Authority (CA) in exchange for temporary AWS
|
469
|
-
# credentials.
|
458
|
+
# Creates a trust anchor to establish trust between IAM Roles Anywhere
|
459
|
+
# and your certificate authority (CA). You can define a trust anchor as
|
460
|
+
# a reference to an Private Certificate Authority (Private CA) or by
|
461
|
+
# uploading a CA certificate. Your Amazon Web Services workloads can
|
462
|
+
# authenticate with the trust anchor using certificates issued by the CA
|
463
|
+
# in exchange for temporary Amazon Web Services credentials.
|
470
464
|
#
|
471
465
|
# <b>Required permissions: </b> `rolesanywhere:CreateTrustAnchor`.
|
472
466
|
#
|
@@ -476,6 +470,9 @@ module Aws::RolesAnywhere
|
|
476
470
|
# @option params [required, String] :name
|
477
471
|
# The name of the trust anchor.
|
478
472
|
#
|
473
|
+
# @option params [Array<Types::NotificationSetting>] :notification_settings
|
474
|
+
# A list of notification settings to be associated to the trust anchor.
|
475
|
+
#
|
479
476
|
# @option params [required, Types::Source] :source
|
480
477
|
# The trust anchor type and its related certificate data.
|
481
478
|
#
|
@@ -491,10 +488,18 @@ module Aws::RolesAnywhere
|
|
491
488
|
# resp = client.create_trust_anchor({
|
492
489
|
# enabled: false,
|
493
490
|
# name: "ResourceName", # required
|
491
|
+
# notification_settings: [
|
492
|
+
# {
|
493
|
+
# channel: "ALL", # accepts ALL
|
494
|
+
# enabled: false, # required
|
495
|
+
# event: "CA_CERTIFICATE_EXPIRY", # required, accepts CA_CERTIFICATE_EXPIRY, END_ENTITY_CERTIFICATE_EXPIRY
|
496
|
+
# threshold: 1,
|
497
|
+
# },
|
498
|
+
# ],
|
494
499
|
# source: { # required
|
495
500
|
# source_data: {
|
496
501
|
# acm_pca_arn: "String",
|
497
|
-
# x509_certificate_data: "
|
502
|
+
# x509_certificate_data: "SourceDataX509CertificateDataString",
|
498
503
|
# },
|
499
504
|
# source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY
|
500
505
|
# },
|
@@ -511,6 +516,12 @@ module Aws::RolesAnywhere
|
|
511
516
|
# resp.trust_anchor.created_at #=> Time
|
512
517
|
# resp.trust_anchor.enabled #=> Boolean
|
513
518
|
# resp.trust_anchor.name #=> String
|
519
|
+
# resp.trust_anchor.notification_settings #=> Array
|
520
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
521
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
522
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
523
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
524
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
514
525
|
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
515
526
|
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
516
527
|
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -629,6 +640,12 @@ module Aws::RolesAnywhere
|
|
629
640
|
# resp.trust_anchor.created_at #=> Time
|
630
641
|
# resp.trust_anchor.enabled #=> Boolean
|
631
642
|
# resp.trust_anchor.name #=> String
|
643
|
+
# resp.trust_anchor.notification_settings #=> Array
|
644
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
645
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
646
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
647
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
648
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
632
649
|
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
633
650
|
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
634
651
|
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -682,15 +699,11 @@ module Aws::RolesAnywhere
|
|
682
699
|
req.send_request(options)
|
683
700
|
end
|
684
701
|
|
685
|
-
# Disables a profile. When disabled,
|
702
|
+
# Disables a profile. When disabled, temporary credential requests with
|
686
703
|
# this profile fail.
|
687
704
|
#
|
688
705
|
# <b>Required permissions: </b> `rolesanywhere:DisableProfile`.
|
689
706
|
#
|
690
|
-
#
|
691
|
-
#
|
692
|
-
# [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
|
693
|
-
#
|
694
707
|
# @option params [required, String] :profile_id
|
695
708
|
# The unique identifier of the profile.
|
696
709
|
#
|
@@ -730,15 +743,11 @@ module Aws::RolesAnywhere
|
|
730
743
|
req.send_request(options)
|
731
744
|
end
|
732
745
|
|
733
|
-
# Disables a trust anchor. When disabled,
|
746
|
+
# Disables a trust anchor. When disabled, temporary credential requests
|
734
747
|
# specifying this trust anchor are unauthorized.
|
735
748
|
#
|
736
749
|
# <b>Required permissions: </b> `rolesanywhere:DisableTrustAnchor`.
|
737
750
|
#
|
738
|
-
#
|
739
|
-
#
|
740
|
-
# [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
|
741
|
-
#
|
742
751
|
# @option params [required, String] :trust_anchor_id
|
743
752
|
# The unique identifier of the trust anchor.
|
744
753
|
#
|
@@ -757,6 +766,12 @@ module Aws::RolesAnywhere
|
|
757
766
|
# resp.trust_anchor.created_at #=> Time
|
758
767
|
# resp.trust_anchor.enabled #=> Boolean
|
759
768
|
# resp.trust_anchor.name #=> String
|
769
|
+
# resp.trust_anchor.notification_settings #=> Array
|
770
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
771
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
772
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
773
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
774
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
760
775
|
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
761
776
|
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
762
777
|
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -812,15 +827,10 @@ module Aws::RolesAnywhere
|
|
812
827
|
req.send_request(options)
|
813
828
|
end
|
814
829
|
|
815
|
-
# Enables
|
816
|
-
# [CreateSession][1].
|
830
|
+
# Enables temporary credential requests for a profile.
|
817
831
|
#
|
818
832
|
# <b>Required permissions: </b> `rolesanywhere:EnableProfile`.
|
819
833
|
#
|
820
|
-
#
|
821
|
-
#
|
822
|
-
# [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
|
823
|
-
#
|
824
834
|
# @option params [required, String] :profile_id
|
825
835
|
# The unique identifier of the profile.
|
826
836
|
#
|
@@ -883,6 +893,12 @@ module Aws::RolesAnywhere
|
|
883
893
|
# resp.trust_anchor.created_at #=> Time
|
884
894
|
# resp.trust_anchor.enabled #=> Boolean
|
885
895
|
# resp.trust_anchor.name #=> String
|
896
|
+
# resp.trust_anchor.notification_settings #=> Array
|
897
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
898
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
899
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
900
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
901
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
886
902
|
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
887
903
|
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
888
904
|
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -979,11 +995,11 @@ module Aws::RolesAnywhere
|
|
979
995
|
req.send_request(options)
|
980
996
|
end
|
981
997
|
|
982
|
-
# Gets a
|
983
|
-
# authentication attempts
|
984
|
-
#
|
985
|
-
#
|
986
|
-
#
|
998
|
+
# Gets a *subject*, which associates a certificate identity with
|
999
|
+
# authentication attempts. The subject stores auditing information such
|
1000
|
+
# as the status of the last authentication attempt, the certificate data
|
1001
|
+
# used in the attempt, and the last time the associated identity
|
1002
|
+
# attempted authentication.
|
987
1003
|
#
|
988
1004
|
# <b>Required permissions: </b> `rolesanywhere:GetSubject`.
|
989
1005
|
#
|
@@ -1053,6 +1069,12 @@ module Aws::RolesAnywhere
|
|
1053
1069
|
# resp.trust_anchor.created_at #=> Time
|
1054
1070
|
# resp.trust_anchor.enabled #=> Boolean
|
1055
1071
|
# resp.trust_anchor.name #=> String
|
1072
|
+
# resp.trust_anchor.notification_settings #=> Array
|
1073
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
1074
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
1075
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
1076
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
1077
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
1056
1078
|
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
1057
1079
|
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
1058
1080
|
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -1069,15 +1091,15 @@ module Aws::RolesAnywhere
|
|
1069
1091
|
req.send_request(options)
|
1070
1092
|
end
|
1071
1093
|
|
1072
|
-
# Imports the certificate revocation list (CRL).
|
1094
|
+
# Imports the certificate revocation list (CRL). A CRL is a list of
|
1073
1095
|
# certificates that have been revoked by the issuing certificate
|
1074
|
-
# Authority (CA). IAM Roles Anywhere validates against the
|
1075
|
-
#
|
1096
|
+
# Authority (CA). IAM Roles Anywhere validates against the CRL before
|
1097
|
+
# issuing credentials.
|
1076
1098
|
#
|
1077
1099
|
# <b>Required permissions: </b> `rolesanywhere:ImportCrl`.
|
1078
1100
|
#
|
1079
1101
|
# @option params [required, String, StringIO, File] :crl_data
|
1080
|
-
# The x509 v3 specified certificate revocation list
|
1102
|
+
# The x509 v3 specified certificate revocation list (CRL).
|
1081
1103
|
#
|
1082
1104
|
# @option params [Boolean] :enabled
|
1083
1105
|
# Specifies whether the certificate revocation list (CRL) is enabled.
|
@@ -1131,15 +1153,15 @@ module Aws::RolesAnywhere
|
|
1131
1153
|
req.send_request(options)
|
1132
1154
|
end
|
1133
1155
|
|
1134
|
-
# Lists all
|
1135
|
-
# Region.
|
1156
|
+
# Lists all certificate revocation lists (CRL) in the authenticated
|
1157
|
+
# account and Amazon Web Services Region.
|
1136
1158
|
#
|
1137
1159
|
# <b>Required permissions: </b> `rolesanywhere:ListCrls`.
|
1138
1160
|
#
|
1139
1161
|
# @option params [String] :next_token
|
1140
1162
|
# A token that indicates where the output should continue from, if a
|
1141
|
-
# previous
|
1142
|
-
#
|
1163
|
+
# previous request did not show all results. To get the next results,
|
1164
|
+
# make the request again with this value.
|
1143
1165
|
#
|
1144
1166
|
# @option params [Integer] :page_size
|
1145
1167
|
# The number of resources in the paginated list.
|
@@ -1187,8 +1209,8 @@ module Aws::RolesAnywhere
|
|
1187
1209
|
#
|
1188
1210
|
# @option params [String] :next_token
|
1189
1211
|
# A token that indicates where the output should continue from, if a
|
1190
|
-
# previous
|
1191
|
-
#
|
1212
|
+
# previous request did not show all results. To get the next results,
|
1213
|
+
# make the request again with this value.
|
1192
1214
|
#
|
1193
1215
|
# @option params [Integer] :page_size
|
1194
1216
|
# The number of resources in the paginated list.
|
@@ -1242,8 +1264,8 @@ module Aws::RolesAnywhere
|
|
1242
1264
|
#
|
1243
1265
|
# @option params [String] :next_token
|
1244
1266
|
# A token that indicates where the output should continue from, if a
|
1245
|
-
# previous
|
1246
|
-
#
|
1267
|
+
# previous request did not show all results. To get the next results,
|
1268
|
+
# make the request again with this value.
|
1247
1269
|
#
|
1248
1270
|
# @option params [Integer] :page_size
|
1249
1271
|
# The number of resources in the paginated list.
|
@@ -1322,8 +1344,8 @@ module Aws::RolesAnywhere
|
|
1322
1344
|
#
|
1323
1345
|
# @option params [String] :next_token
|
1324
1346
|
# A token that indicates where the output should continue from, if a
|
1325
|
-
# previous
|
1326
|
-
#
|
1347
|
+
# previous request did not show all results. To get the next results,
|
1348
|
+
# make the request again with this value.
|
1327
1349
|
#
|
1328
1350
|
# @option params [Integer] :page_size
|
1329
1351
|
# The number of resources in the paginated list.
|
@@ -1349,6 +1371,12 @@ module Aws::RolesAnywhere
|
|
1349
1371
|
# resp.trust_anchors[0].created_at #=> Time
|
1350
1372
|
# resp.trust_anchors[0].enabled #=> Boolean
|
1351
1373
|
# resp.trust_anchors[0].name #=> String
|
1374
|
+
# resp.trust_anchors[0].notification_settings #=> Array
|
1375
|
+
# resp.trust_anchors[0].notification_settings[0].channel #=> String, one of "ALL"
|
1376
|
+
# resp.trust_anchors[0].notification_settings[0].configured_by #=> String
|
1377
|
+
# resp.trust_anchors[0].notification_settings[0].enabled #=> Boolean
|
1378
|
+
# resp.trust_anchors[0].notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
1379
|
+
# resp.trust_anchors[0].notification_settings[0].threshold #=> Integer
|
1352
1380
|
# resp.trust_anchors[0].source.source_data.acm_pca_arn #=> String
|
1353
1381
|
# resp.trust_anchors[0].source.source_data.x509_certificate_data #=> String
|
1354
1382
|
# resp.trust_anchors[0].source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -1365,6 +1393,121 @@ module Aws::RolesAnywhere
|
|
1365
1393
|
req.send_request(options)
|
1366
1394
|
end
|
1367
1395
|
|
1396
|
+
# Attaches a list of *notification settings* to a trust anchor.
|
1397
|
+
#
|
1398
|
+
# A notification setting includes information such as event name,
|
1399
|
+
# threshold, status of the notification setting, and the channel to
|
1400
|
+
# notify.
|
1401
|
+
#
|
1402
|
+
# <b>Required permissions: </b> `rolesanywhere:PutNotificationSettings`.
|
1403
|
+
#
|
1404
|
+
# @option params [required, Array<Types::NotificationSetting>] :notification_settings
|
1405
|
+
# A list of notification settings to be associated to the trust anchor.
|
1406
|
+
#
|
1407
|
+
# @option params [required, String] :trust_anchor_id
|
1408
|
+
# The unique identifier of the trust anchor.
|
1409
|
+
#
|
1410
|
+
# @return [Types::PutNotificationSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1411
|
+
#
|
1412
|
+
# * {Types::PutNotificationSettingsResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail
|
1413
|
+
#
|
1414
|
+
# @example Request syntax with placeholder values
|
1415
|
+
#
|
1416
|
+
# resp = client.put_notification_settings({
|
1417
|
+
# notification_settings: [ # required
|
1418
|
+
# {
|
1419
|
+
# channel: "ALL", # accepts ALL
|
1420
|
+
# enabled: false, # required
|
1421
|
+
# event: "CA_CERTIFICATE_EXPIRY", # required, accepts CA_CERTIFICATE_EXPIRY, END_ENTITY_CERTIFICATE_EXPIRY
|
1422
|
+
# threshold: 1,
|
1423
|
+
# },
|
1424
|
+
# ],
|
1425
|
+
# trust_anchor_id: "Uuid", # required
|
1426
|
+
# })
|
1427
|
+
#
|
1428
|
+
# @example Response structure
|
1429
|
+
#
|
1430
|
+
# resp.trust_anchor.created_at #=> Time
|
1431
|
+
# resp.trust_anchor.enabled #=> Boolean
|
1432
|
+
# resp.trust_anchor.name #=> String
|
1433
|
+
# resp.trust_anchor.notification_settings #=> Array
|
1434
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
1435
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
1436
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
1437
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
1438
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
1439
|
+
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
1440
|
+
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
1441
|
+
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
1442
|
+
# resp.trust_anchor.trust_anchor_arn #=> String
|
1443
|
+
# resp.trust_anchor.trust_anchor_id #=> String
|
1444
|
+
# resp.trust_anchor.updated_at #=> Time
|
1445
|
+
#
|
1446
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutNotificationSettings AWS API Documentation
|
1447
|
+
#
|
1448
|
+
# @overload put_notification_settings(params = {})
|
1449
|
+
# @param [Hash] params ({})
|
1450
|
+
def put_notification_settings(params = {}, options = {})
|
1451
|
+
req = build_request(:put_notification_settings, params)
|
1452
|
+
req.send_request(options)
|
1453
|
+
end
|
1454
|
+
|
1455
|
+
# Resets the *custom notification setting* to IAM Roles Anywhere default
|
1456
|
+
# setting.
|
1457
|
+
#
|
1458
|
+
# <b>Required permissions: </b>
|
1459
|
+
# `rolesanywhere:ResetNotificationSettings`.
|
1460
|
+
#
|
1461
|
+
# @option params [required, Array<Types::NotificationSettingKey>] :notification_setting_keys
|
1462
|
+
# A list of notification setting keys to reset. A notification setting
|
1463
|
+
# key includes the event and the channel.
|
1464
|
+
#
|
1465
|
+
# @option params [required, String] :trust_anchor_id
|
1466
|
+
# The unique identifier of the trust anchor.
|
1467
|
+
#
|
1468
|
+
# @return [Types::ResetNotificationSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1469
|
+
#
|
1470
|
+
# * {Types::ResetNotificationSettingsResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail
|
1471
|
+
#
|
1472
|
+
# @example Request syntax with placeholder values
|
1473
|
+
#
|
1474
|
+
# resp = client.reset_notification_settings({
|
1475
|
+
# notification_setting_keys: [ # required
|
1476
|
+
# {
|
1477
|
+
# channel: "ALL", # accepts ALL
|
1478
|
+
# event: "CA_CERTIFICATE_EXPIRY", # required, accepts CA_CERTIFICATE_EXPIRY, END_ENTITY_CERTIFICATE_EXPIRY
|
1479
|
+
# },
|
1480
|
+
# ],
|
1481
|
+
# trust_anchor_id: "Uuid", # required
|
1482
|
+
# })
|
1483
|
+
#
|
1484
|
+
# @example Response structure
|
1485
|
+
#
|
1486
|
+
# resp.trust_anchor.created_at #=> Time
|
1487
|
+
# resp.trust_anchor.enabled #=> Boolean
|
1488
|
+
# resp.trust_anchor.name #=> String
|
1489
|
+
# resp.trust_anchor.notification_settings #=> Array
|
1490
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
1491
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
1492
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
1493
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
1494
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
1495
|
+
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
1496
|
+
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
1497
|
+
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
1498
|
+
# resp.trust_anchor.trust_anchor_arn #=> String
|
1499
|
+
# resp.trust_anchor.trust_anchor_id #=> String
|
1500
|
+
# resp.trust_anchor.updated_at #=> Time
|
1501
|
+
#
|
1502
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ResetNotificationSettings AWS API Documentation
|
1503
|
+
#
|
1504
|
+
# @overload reset_notification_settings(params = {})
|
1505
|
+
# @param [Hash] params ({})
|
1506
|
+
def reset_notification_settings(params = {}, options = {})
|
1507
|
+
req = build_request(:reset_notification_settings, params)
|
1508
|
+
req.send_request(options)
|
1509
|
+
end
|
1510
|
+
|
1368
1511
|
# Attaches tags to a resource.
|
1369
1512
|
#
|
1370
1513
|
# <b>Required permissions: </b> `rolesanywhere:TagResource`.
|
@@ -1426,15 +1569,15 @@ module Aws::RolesAnywhere
|
|
1426
1569
|
req.send_request(options)
|
1427
1570
|
end
|
1428
1571
|
|
1429
|
-
# Updates the certificate revocation list (CRL).
|
1572
|
+
# Updates the certificate revocation list (CRL). A CRL is a list of
|
1430
1573
|
# certificates that have been revoked by the issuing certificate
|
1431
|
-
#
|
1432
|
-
#
|
1574
|
+
# authority (CA). IAM Roles Anywhere validates against the CRL before
|
1575
|
+
# issuing credentials.
|
1433
1576
|
#
|
1434
1577
|
# <b>Required permissions: </b> `rolesanywhere:UpdateCrl`.
|
1435
1578
|
#
|
1436
1579
|
# @option params [String, StringIO, File] :crl_data
|
1437
|
-
# The x509 v3 specified certificate revocation list
|
1580
|
+
# The x509 v3 specified certificate revocation list (CRL).
|
1438
1581
|
#
|
1439
1582
|
# @option params [required, String] :crl_id
|
1440
1583
|
# The unique identifier of the certificate revocation list (CRL).
|
@@ -1474,10 +1617,9 @@ module Aws::RolesAnywhere
|
|
1474
1617
|
req.send_request(options)
|
1475
1618
|
end
|
1476
1619
|
|
1477
|
-
# Updates
|
1478
|
-
#
|
1479
|
-
#
|
1480
|
-
# policies.
|
1620
|
+
# Updates a *profile*, a list of the roles that IAM Roles Anywhere
|
1621
|
+
# service is trusted to assume. You use profiles to intersect
|
1622
|
+
# permissions with IAM managed policies.
|
1481
1623
|
#
|
1482
1624
|
# <b>Required permissions: </b> `rolesanywhere:UpdateProfile`.
|
1483
1625
|
#
|
@@ -1495,12 +1637,8 @@ module Aws::RolesAnywhere
|
|
1495
1637
|
# The unique identifier of the profile.
|
1496
1638
|
#
|
1497
1639
|
# @option params [Array<String>] :role_arns
|
1498
|
-
# A list of IAM roles that this profile can assume in a
|
1499
|
-
#
|
1500
|
-
#
|
1501
|
-
#
|
1502
|
-
#
|
1503
|
-
# [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
|
1640
|
+
# A list of IAM roles that this profile can assume in a temporary
|
1641
|
+
# credential request.
|
1504
1642
|
#
|
1505
1643
|
# @option params [String] :session_policy
|
1506
1644
|
# A session policy that applies to the trust boundary of the vended
|
@@ -1547,14 +1685,13 @@ module Aws::RolesAnywhere
|
|
1547
1685
|
req.send_request(options)
|
1548
1686
|
end
|
1549
1687
|
|
1550
|
-
# Updates
|
1551
|
-
#
|
1552
|
-
#
|
1553
|
-
#
|
1554
|
-
#
|
1555
|
-
#
|
1556
|
-
#
|
1557
|
-
# credentials.
|
1688
|
+
# Updates a trust anchor. You establish trust between IAM Roles Anywhere
|
1689
|
+
# and your certificate authority (CA) by configuring a trust anchor. You
|
1690
|
+
# can define a trust anchor as a reference to an Private Certificate
|
1691
|
+
# Authority (Private CA) or by uploading a CA certificate. Your Amazon
|
1692
|
+
# Web Services workloads can authenticate with the trust anchor using
|
1693
|
+
# certificates issued by the CA in exchange for temporary Amazon Web
|
1694
|
+
# Services credentials.
|
1558
1695
|
#
|
1559
1696
|
# <b>Required permissions: </b> `rolesanywhere:UpdateTrustAnchor`.
|
1560
1697
|
#
|
@@ -1578,7 +1715,7 @@ module Aws::RolesAnywhere
|
|
1578
1715
|
# source: {
|
1579
1716
|
# source_data: {
|
1580
1717
|
# acm_pca_arn: "String",
|
1581
|
-
# x509_certificate_data: "
|
1718
|
+
# x509_certificate_data: "SourceDataX509CertificateDataString",
|
1582
1719
|
# },
|
1583
1720
|
# source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY
|
1584
1721
|
# },
|
@@ -1590,6 +1727,12 @@ module Aws::RolesAnywhere
|
|
1590
1727
|
# resp.trust_anchor.created_at #=> Time
|
1591
1728
|
# resp.trust_anchor.enabled #=> Boolean
|
1592
1729
|
# resp.trust_anchor.name #=> String
|
1730
|
+
# resp.trust_anchor.notification_settings #=> Array
|
1731
|
+
# resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
|
1732
|
+
# resp.trust_anchor.notification_settings[0].configured_by #=> String
|
1733
|
+
# resp.trust_anchor.notification_settings[0].enabled #=> Boolean
|
1734
|
+
# resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
|
1735
|
+
# resp.trust_anchor.notification_settings[0].threshold #=> Integer
|
1593
1736
|
# resp.trust_anchor.source.source_data.acm_pca_arn #=> String
|
1594
1737
|
# resp.trust_anchor.source.source_data.x509_certificate_data #=> String
|
1595
1738
|
# resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
|
@@ -1619,7 +1762,7 @@ module Aws::RolesAnywhere
|
|
1619
1762
|
params: params,
|
1620
1763
|
config: config)
|
1621
1764
|
context[:gem_name] = 'aws-sdk-rolesanywhere'
|
1622
|
-
context[:gem_version] = '1.
|
1765
|
+
context[:gem_version] = '1.4.0'
|
1623
1766
|
Seahorse::Client::Request.new(handlers, context)
|
1624
1767
|
end
|
1625
1768
|
|