@aws-sdk/client-acm-pca 3.296.0 → 3.298.0

package/dist-types/models/models_0.d.ts

@@ -1,6 +1,7 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
 import { ACMPCAServiceException as __BaseException } from "./ACMPCAServiceException";
 /**
+ * @public
  * <p>Defines the X.500 relative distinguished name (RDN).</p>
  */
 export interface CustomAttribute {
@@ -16,6 +17,7 @@ export interface CustomAttribute {
     Value: string | undefined;
 }
 /**
+ * @public
  * <p>Contains information about the certificate subject. The <code>Subject</code> field in
  * 			the certificate identifies the entity that owns or controls the public key in the
  * 			certificate. The entity can be a user, computer, device, or service. The <code>Subject
@@ -104,6 +106,7 @@ export interface ASN1Subject {
     CustomAttributes?: CustomAttribute[];
 }
 /**
+ * @public
  * <p>Describes an Electronic Data Interchange (EDI) entity as described in as defined in
  * 				<a href="https://datatracker.ietf.org/doc/html/rfc5280">Subject Alternative
  * 				Name</a> in RFC 5280.</p>
@@ -119,6 +122,7 @@ export interface EdiPartyName {
     NameAssigner?: string;
 }
 /**
+ * @public
  * <p>Defines a custom ASN.1 X.400 <code>GeneralName</code> using an object identifier (OID)
  * 			and value. The OID must satisfy the regular expression shown below. For more
  * 			information, see NIST's definition of <a href="https://csrc.nist.gov/glossary/term/Object_Identifier">Object Identifier
@@ -135,6 +139,7 @@ export interface OtherName {
     Value: string | undefined;
 }
 /**
+ * @public
  * <p>Describes an ASN.1 X.400 <code>GeneralName</code> as defined in <a href="https://datatracker.ietf.org/doc/html/rfc5280">RFC 5280</a>. Only one of
  * 			the following naming options should be provided. Providing more than one option results
  * 			in an <code>InvalidArgsException</code> error.</p>
@@ -178,12 +183,16 @@ export interface GeneralName {
      */
     RegisteredId?: string;
 }
+/**
+ * @public
+ */
 export declare enum AccessMethodType {
     CA_REPOSITORY = "CA_REPOSITORY",
     RESOURCE_PKI_MANIFEST = "RESOURCE_PKI_MANIFEST",
     RESOURCE_PKI_NOTIFY = "RESOURCE_PKI_NOTIFY"
 }
 /**
+ * @public
  * <p>Describes the type and format of extension access. Only one of
  * 				<code>CustomObjectIdentifier</code> or <code>AccessMethodType</code> may be
  * 			provided. Providing both results in <code>InvalidArgsException</code>.</p>
@@ -202,6 +211,7 @@ export interface AccessMethod {
     AccessMethodType?: AccessMethodType | string;
 }
 /**
+ * @public
  * <p>Provides access information used by the <code>authorityInfoAccess</code> and
  * 				<code>subjectInfoAccess</code> extensions described in <a href="https://datatracker.ietf.org/doc/html/rfc5280">RFC 5280</a>.</p>
  */
@@ -216,6 +226,7 @@ export interface AccessDescription {
     AccessLocation: GeneralName | undefined;
 }
 /**
+ * @public
  * <p>Defines one or more purposes for which the key contained in the certificate can be
  * 			used. Default value for each option is false.</p>
  */
@@ -258,6 +269,7 @@ export interface KeyUsage {
     DecipherOnly?: boolean;
 }
 /**
+ * @public
  * <p>Describes the certificate extensions to be added to the certificate signing request
  * 			(CSR).</p>
  */
@@ -274,12 +286,18 @@ export interface CsrExtensions {
      */
     SubjectInformationAccess?: AccessDescription[];
 }
+/**
+ * @public
+ */
 export declare enum KeyAlgorithm {
     EC_prime256v1 = "EC_prime256v1",
     EC_secp384r1 = "EC_secp384r1",
     RSA_2048 = "RSA_2048",
     RSA_4096 = "RSA_4096"
 }
+/**
+ * @public
+ */
 export declare enum SigningAlgorithm {
     SHA256WITHECDSA = "SHA256WITHECDSA",
     SHA256WITHRSA = "SHA256WITHRSA",
@@ -289,6 +307,7 @@ export declare enum SigningAlgorithm {
     SHA512WITHRSA = "SHA512WITHRSA"
 }
 /**
+ * @public
  * <p>Contains configuration information for your private certificate authority (CA). This
  * 			includes information about the class of public key algorithm and the key pair that your
  * 			private CA creates when it issues a certificate. It also includes the signature
@@ -319,19 +338,29 @@ export interface CertificateAuthorityConfiguration {
      */
     CsrExtensions?: CsrExtensions;
 }
+/**
+ * @public
+ */
 export declare enum CertificateAuthorityType {
     ROOT = "ROOT",
     SUBORDINATE = "SUBORDINATE"
 }
+/**
+ * @public
+ */
 export declare enum KeyStorageSecurityStandard {
     FIPS_140_2_LEVEL_2_OR_HIGHER = "FIPS_140_2_LEVEL_2_OR_HIGHER",
     FIPS_140_2_LEVEL_3_OR_HIGHER = "FIPS_140_2_LEVEL_3_OR_HIGHER"
 }
+/**
+ * @public
+ */
 export declare enum S3ObjectAcl {
     BUCKET_OWNER_FULL_CONTROL = "BUCKET_OWNER_FULL_CONTROL",
     PUBLIC_READ = "PUBLIC_READ"
 }
 /**
+ * @public
  * <p>Contains configuration information for a certificate revocation list (CRL). Your
  * 			private certificate authority (CA) creates base CRLs. Delta CRLs are not supported. You
  * 			can enable CRLs for your new or an existing private CA by setting the <b>Enabled</b> parameter to <code>true</code>. Your private CA
@@ -501,6 +530,7 @@ export interface CrlConfiguration {
     S3ObjectAcl?: S3ObjectAcl | string;
 }
 /**
+ * @public
  * <p>Contains information to enable and configure Online Certificate Status Protocol (OCSP)
  * 			for validating certificate revocation status.</p>
  *          <p>When you revoke a certificate, OCSP responses may take up to 60 minutes
@@ -527,6 +557,7 @@ export interface OcspConfiguration {
     OcspCustomCname?: string;
 }
 /**
+ * @public
  * <p>Certificate revocation information used by the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> and <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> actions. Your private certificate authority (CA)
  * 			can configure Online Certificate Status Protocol (OCSP) support and/or maintain a
  * 			certificate revocation list (CRL). OCSP returns validation information about
@@ -551,6 +582,7 @@ export interface RevocationConfiguration {
     OcspConfiguration?: OcspConfiguration;
 }
 /**
+ * @public
  * <p>Tags are labels that you can use to identify and organize your private CAs. Each tag
  * 			consists of a key and an optional value. You can associate up to 50 tags with a private
  * 			CA. To add one or more tags to a private CA, call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_TagCertificateAuthority.html">TagCertificateAuthority</a>
@@ -566,10 +598,16 @@ export interface Tag {
      */
     Value?: string;
 }
+/**
+ * @public
+ */
 export declare enum CertificateAuthorityUsageMode {
     GENERAL_PURPOSE = "GENERAL_PURPOSE",
     SHORT_LIVED_CERTIFICATE = "SHORT_LIVED_CERTIFICATE"
 }
+/**
+ * @public
+ */
 export interface CreateCertificateAuthorityRequest {
     /**
      * <p>Name and bit size of the private key algorithm, the name of the signing algorithm, and
@@ -660,6 +698,9 @@ export interface CreateCertificateAuthorityRequest {
      */
     UsageMode?: CertificateAuthorityUsageMode | string;
 }
+/**
+ * @public
+ */
 export interface CreateCertificateAuthorityResponse {
     /**
      * <p>If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This
@@ -672,6 +713,7 @@ export interface CreateCertificateAuthorityResponse {
     CertificateAuthorityArn?: string;
 }
 /**
+ * @public
  * <p>One or more of the specified arguments was not valid.</p>
  */
 export declare class InvalidArgsException extends __BaseException {
@@ -683,6 +725,7 @@ export declare class InvalidArgsException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InvalidArgsException, __BaseException>);
 }
 /**
+ * @public
  * <p>The resource policy is invalid or is missing a required statement. For general
  * 			information about IAM policy and statement structure, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json">Overview of JSON Policies</a>.</p>
  */
@@ -695,6 +738,7 @@ export declare class InvalidPolicyException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InvalidPolicyException, __BaseException>);
 }
 /**
+ * @public
  * <p>The tag associated with the CA is not valid. The invalid argument is contained in the
  * 			message field.</p>
  */
@@ -707,6 +751,7 @@ export declare class InvalidTagException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InvalidTagException, __BaseException>);
 }
 /**
+ * @public
  * <p>An Amazon Web Services Private CA quota has been exceeded. See the exception message returned to determine
  * 			the quota that was exceeded.</p>
  */
@@ -718,10 +763,16 @@ export declare class LimitExceededException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<LimitExceededException, __BaseException>);
 }
+/**
+ * @public
+ */
 export declare enum AuditReportResponseFormat {
     CSV = "CSV",
     JSON = "JSON"
 }
+/**
+ * @public
+ */
 export interface CreateCertificateAuthorityAuditReportRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the CA to be audited. This is of the form:</p>
@@ -739,6 +790,9 @@ export interface CreateCertificateAuthorityAuditReportRequest {
      */
     AuditReportResponseFormat: AuditReportResponseFormat | string | undefined;
 }
+/**
+ * @public
+ */
 export interface CreateCertificateAuthorityAuditReportResponse {
     /**
      * <p>An alphanumeric string that contains a report identifier.</p>
@@ -751,6 +805,7 @@ export interface CreateCertificateAuthorityAuditReportResponse {
     S3Key?: string;
 }
 /**
+ * @public
  * <p>The requested Amazon Resource Name (ARN) does not refer to an existing
  * 			resource.</p>
  */
@@ -763,6 +818,7 @@ export declare class InvalidArnException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InvalidArnException, __BaseException>);
 }
 /**
+ * @public
  * <p>The state of the private CA does not allow this action to occur.</p>
  */
 export declare class InvalidStateException extends __BaseException {
@@ -774,6 +830,7 @@ export declare class InvalidStateException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InvalidStateException, __BaseException>);
 }
 /**
+ * @public
  * <p>The request has failed for an unspecified reason.</p>
  */
 export declare class RequestFailedException extends __BaseException {
@@ -785,6 +842,7 @@ export declare class RequestFailedException extends __BaseException {
     constructor(opts: __ExceptionOptionType<RequestFailedException, __BaseException>);
 }
 /**
+ * @public
  * <p>Your request is already in progress.</p>
  */
 export declare class RequestInProgressException extends __BaseException {
@@ -796,6 +854,7 @@ export declare class RequestInProgressException extends __BaseException {
     constructor(opts: __ExceptionOptionType<RequestInProgressException, __BaseException>);
 }
 /**
+ * @public
  * <p>A resource such as a private CA, S3 bucket, certificate, audit report, or policy
  * 			cannot be found.</p>
  */
@@ -807,11 +866,17 @@ export declare class ResourceNotFoundException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>);
 }
+/**
+ * @public
+ */
 export declare enum ActionType {
     GetCertificate = "GetCertificate",
     IssueCertificate = "IssueCertificate",
     ListPermissions = "ListPermissions"
 }
+/**
+ * @public
+ */
 export interface CreatePermissionRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the CA that grants the permissions. You can find the
@@ -839,6 +904,7 @@ export interface CreatePermissionRequest {
     Actions: (ActionType | string)[] | undefined;
 }
 /**
+ * @public
  * <p>The designated permission has already been given to the user.</p>
  */
 export declare class PermissionAlreadyExistsException extends __BaseException {
@@ -850,6 +916,7 @@ export declare class PermissionAlreadyExistsException extends __BaseException {
     constructor(opts: __ExceptionOptionType<PermissionAlreadyExistsException, __BaseException>);
 }
 /**
+ * @public
  * <p>A previous update to your private CA is still ongoing.</p>
  */
 export declare class ConcurrentModificationException extends __BaseException {
@@ -860,6 +927,9 @@ export declare class ConcurrentModificationException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<ConcurrentModificationException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface DeleteCertificateAuthorityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a>. This must have the following form: </p>
@@ -875,6 +945,9 @@ export interface DeleteCertificateAuthorityRequest {
      */
     PermanentDeletionTimeInDays?: number;
 }
+/**
+ * @public
+ */
 export interface DeletePermissionRequest {
     /**
      * <p>The Amazon Resource Number (ARN) of the private CA that issued the permissions. You
@@ -896,6 +969,9 @@ export interface DeletePermissionRequest {
      */
     SourceAccount?: string;
 }
+/**
+ * @public
+ */
 export interface DeletePolicyRequest {
     /**
      * <p>The Amazon Resource Number (ARN) of the private CA that will have its policy deleted.
@@ -906,6 +982,7 @@ export interface DeletePolicyRequest {
     ResourceArn: string | undefined;
 }
 /**
+ * @public
  * <p>The current action was prevented because it would lock the caller out from performing
  * 			subsequent actions. Verify that the specified parameters would not result in the caller
  * 			being denied access to the resource. </p>
@@ -918,6 +995,9 @@ export declare class LockoutPreventedException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<LockoutPreventedException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface DescribeCertificateAuthorityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a>. This must be of the form: </p>
@@ -928,11 +1008,17 @@ export interface DescribeCertificateAuthorityRequest {
      */
     CertificateAuthorityArn: string | undefined;
 }
+/**
+ * @public
+ */
 export declare enum FailureReason {
     OTHER = "OTHER",
     REQUEST_TIMED_OUT = "REQUEST_TIMED_OUT",
     UNSUPPORTED_ALGORITHM = "UNSUPPORTED_ALGORITHM"
 }
+/**
+ * @public
+ */
 export declare enum CertificateAuthorityStatus {
     ACTIVE = "ACTIVE",
     CREATING = "CREATING",
@@ -943,6 +1029,7 @@ export declare enum CertificateAuthorityStatus {
     PENDING_CERTIFICATE = "PENDING_CERTIFICATE"
 }
 /**
+ * @public
  * <p>Contains information about your private certificate authority (CA). Your private CA
  * 			can issue and revoke X.509 digital certificates. Digital certificates verify that the
  * 			entity named in the certificate <b>Subject</b> field owns or
@@ -1030,6 +1117,9 @@ export interface CertificateAuthority {
      */
     UsageMode?: CertificateAuthorityUsageMode | string;
 }
+/**
+ * @public
+ */
 export interface DescribeCertificateAuthorityResponse {
     /**
      * <p>A <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CertificateAuthority.html">CertificateAuthority</a> structure that contains information about your private
@@ -1037,6 +1127,9 @@ export interface DescribeCertificateAuthorityResponse {
      */
     CertificateAuthority?: CertificateAuthority;
 }
+/**
+ * @public
+ */
 export interface DescribeCertificateAuthorityAuditReportRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of the private CA. This must be of the form:</p>
@@ -1051,11 +1144,17 @@ export interface DescribeCertificateAuthorityAuditReportRequest {
      */
     AuditReportId: string | undefined;
 }
+/**
+ * @public
+ */
 export declare enum AuditReportStatus {
     CREATING = "CREATING",
     FAILED = "FAILED",
     SUCCESS = "SUCCESS"
 }
+/**
+ * @public
+ */
 export interface DescribeCertificateAuthorityAuditReportResponse {
     /**
      * <p>Specifies whether report creation is in progress, has succeeded, or has failed.</p>
@@ -1075,6 +1174,9 @@ export interface DescribeCertificateAuthorityAuditReportResponse {
      */
     CreatedAt?: Date;
 }
+/**
+ * @public
+ */
 export interface GetCertificateRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a>. This must be of the form: </p>
@@ -1094,6 +1196,9 @@ export interface GetCertificateRequest {
      */
     CertificateArn: string | undefined;
 }
+/**
+ * @public
+ */
 export interface GetCertificateResponse {
     /**
      * <p>The base64 PEM-encoded certificate specified by the <code>CertificateArn</code>
@@ -1106,6 +1211,9 @@ export interface GetCertificateResponse {
      */
     CertificateChain?: string;
 }
+/**
+ * @public
+ */
 export interface GetCertificateAuthorityCertificateRequest {
     /**
      * <p>The Amazon Resource Name (ARN) of your private CA. This is of the form:</p>
@@ -1116,6 +1224,9 @@ export interface GetCertificateAuthorityCertificateRequest {
      */
     CertificateAuthorityArn: string | undefined;
 }
+/**
+ * @public
+ */
 export interface GetCertificateAuthorityCertificateResponse {
     /**
      * <p>Base64-encoded certificate authority (CA) certificate.</p>
@@ -1129,6 +1240,9 @@ export interface GetCertificateAuthorityCertificateResponse {
      */
     CertificateChain?: string;
 }
+/**
+ * @public
+ */
 export interface GetCertificateAuthorityCsrRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action. This must be of the form: </p>
@@ -1139,6 +1253,9 @@ export interface GetCertificateAuthorityCsrRequest {
      */
     CertificateAuthorityArn: string | undefined;
 }
+/**
+ * @public
+ */
 export interface GetCertificateAuthorityCsrResponse {
     /**
      * <p>The base64 PEM-encoded certificate signing request (CSR) for your private CA
@@ -1146,6 +1263,9 @@ export interface GetCertificateAuthorityCsrResponse {
      */
     Csr?: string;
 }
+/**
+ * @public
+ */
 export interface GetPolicyRequest {
     /**
      * <p>The Amazon Resource Number (ARN) of the private CA that will have its policy
@@ -1155,6 +1275,9 @@ export interface GetPolicyRequest {
      */
     ResourceArn: string | undefined;
 }
+/**
+ * @public
+ */
 export interface GetPolicyResponse {
     /**
      * <p>The policy attached to the private CA as a JSON document.</p>
@@ -1162,6 +1285,7 @@ export interface GetPolicyResponse {
     Policy?: string;
 }
 /**
+ * @public
  * <p>The certificate authority certificate you are importing does not comply with
  * 			conditions specified in the certificate that signed it.</p>
  */
@@ -1173,6 +1297,9 @@ export declare class CertificateMismatchException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<CertificateMismatchException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface ImportCertificateAuthorityCertificateRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a>. This must be of the form: </p>
@@ -1198,6 +1325,7 @@ export interface ImportCertificateAuthorityCertificateRequest {
     CertificateChain?: Uint8Array;
 }
 /**
+ * @public
  * <p>The request action cannot be performed or is prohibited.</p>
  */
 export declare class InvalidRequestException extends __BaseException {
@@ -1209,6 +1337,7 @@ export declare class InvalidRequestException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InvalidRequestException, __BaseException>);
 }
 /**
+ * @public
  * <p>One or more fields in the certificate are invalid.</p>
  */
 export declare class MalformedCertificateException extends __BaseException {
@@ -1219,10 +1348,14 @@ export declare class MalformedCertificateException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<MalformedCertificateException, __BaseException>);
 }
+/**
+ * @public
+ */
 export declare enum PolicyQualifierId {
     CPS = "CPS"
 }
 /**
+ * @public
  * <p>Defines a <code>PolicyInformation</code> qualifier. Amazon Web Services Private CA supports the <a href="https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4">certification
  * 				practice statement (CPS) qualifier</a> defined in RFC 5280. </p>
  */
@@ -1234,6 +1367,7 @@ export interface Qualifier {
     CpsUri: string | undefined;
 }
 /**
+ * @public
  * <p>Modifies the <code>CertPolicyId</code> of a <code>PolicyInformation</code> object with
  * 			a qualifier. Amazon Web Services Private CA supports the certification practice statement (CPS)
  * 			qualifier.</p>
@@ -1250,6 +1384,7 @@ export interface PolicyQualifierInfo {
     Qualifier: Qualifier | undefined;
 }
 /**
+ * @public
  * <p>Defines the X.509 <code>CertificatePolicies</code> extension.</p>
  */
 export interface PolicyInformation {
@@ -1266,6 +1401,7 @@ export interface PolicyInformation {
     PolicyQualifiers?: PolicyQualifierInfo[];
 }
 /**
+ * @public
  * <p></p>
  *          <p>Specifies the X.509 extension information for a certificate.</p>
  *          <p>Extensions present in <code>CustomExtensions</code> follow the
@@ -1292,6 +1428,9 @@ export interface CustomExtension {
      */
     Critical?: boolean;
 }
+/**
+ * @public
+ */
 export declare enum ExtendedKeyUsageType {
     CERTIFICATE_TRANSPARENCY = "CERTIFICATE_TRANSPARENCY",
     CLIENT_AUTH = "CLIENT_AUTH",
@@ -1304,6 +1443,7 @@ export declare enum ExtendedKeyUsageType {
     TIME_STAMPING = "TIME_STAMPING"
 }
 /**
+ * @public
  * <p>Specifies additional purposes for which the certified public key may be used other
  * 			than basic purposes indicated in the <code>KeyUsage</code> extension.</p>
  */
@@ -1320,6 +1460,7 @@ export interface ExtendedKeyUsage {
     ExtendedKeyUsageObjectIdentifier?: string;
 }
 /**
+ * @public
  * <p>Contains X.509 extension information for a certificate.</p>
  */
 export interface Extensions {
@@ -1361,6 +1502,7 @@ export interface Extensions {
     CustomExtensions?: CustomExtension[];
 }
 /**
+ * @public
  * <p>Contains X.509 certificate information to be placed in an issued certificate. An
  * 				<code>APIPassthrough</code> or <code>APICSRPassthrough</code> template variant must
  * 			be selected, or else this parameter is ignored. </p>
@@ -1382,6 +1524,9 @@ export interface ApiPassthrough {
      */
     Subject?: ASN1Subject;
 }
+/**
+ * @public
+ */
 export declare enum ValidityPeriodType {
     ABSOLUTE = "ABSOLUTE",
     DAYS = "DAYS",
@@ -1390,6 +1535,7 @@ export declare enum ValidityPeriodType {
     YEARS = "YEARS"
 }
 /**
+ * @public
  * <p>Validity specifies the period of time during which a certificate is valid. Validity
  * 			can be expressed as an explicit date and time when the validity of a certificate starts
  * 			or expires, or as a span of time after issuance, stated in days, months, or years. For
@@ -1454,6 +1600,9 @@ export interface Validity {
      */
     Type: ValidityPeriodType | string | undefined;
 }
+/**
+ * @public
+ */
 export interface IssueCertificateRequest {
     /**
      * <p>Specifies X.509 certificate information to be included in the issued certificate. An
@@ -1558,6 +1707,9 @@ export interface IssueCertificateRequest {
      */
     IdempotencyToken?: string;
 }
+/**
+ * @public
+ */
 export interface IssueCertificateResponse {
     /**
      * <p>The Amazon Resource Name (ARN) of the issued certificate and the certificate serial
@@ -1570,6 +1722,7 @@ export interface IssueCertificateResponse {
     CertificateArn?: string;
 }
 /**
+ * @public
  * <p>The certificate signing request is invalid.</p>
  */
 export declare class MalformedCSRException extends __BaseException {
@@ -1581,6 +1734,7 @@ export declare class MalformedCSRException extends __BaseException {
     constructor(opts: __ExceptionOptionType<MalformedCSRException, __BaseException>);
 }
 /**
+ * @public
  * <p>The token specified in the <code>NextToken</code> argument is not valid. Use the token
  * 			returned from your previous call to <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListCertificateAuthorities.html">ListCertificateAuthorities</a>.</p>
  */
@@ -1592,10 +1746,16 @@ export declare class InvalidNextTokenException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<InvalidNextTokenException, __BaseException>);
 }
+/**
+ * @public
+ */
 export declare enum ResourceOwner {
     OTHER_ACCOUNTS = "OTHER_ACCOUNTS",
     SELF = "SELF"
 }
+/**
+ * @public
+ */
 export interface ListCertificateAuthoritiesRequest {
     /**
      * <p>Use this parameter when paginating results in a subsequent request after you receive a
@@ -1617,6 +1777,9 @@ export interface ListCertificateAuthoritiesRequest {
      */
     ResourceOwner?: ResourceOwner | string;
 }
+/**
+ * @public
+ */
 export interface ListCertificateAuthoritiesResponse {
     /**
      * <p>Summary information about each certificate authority you have created.</p>
@@ -1628,6 +1791,9 @@ export interface ListCertificateAuthoritiesResponse {
      */
     NextToken?: string;
 }
+/**
+ * @public
+ */
 export interface ListPermissionsRequest {
     /**
      * <p>The Amazon Resource Number (ARN) of the private CA to inspect. You can find the ARN by
@@ -1651,6 +1817,7 @@ export interface ListPermissionsRequest {
     MaxResults?: number;
 }
 /**
+ * @public
  * <p>Permissions designate which private CA actions can be performed by an Amazon Web Services service or
  * 			entity. In order for ACM to automatically renew private certificates, you must give
  * 			the ACM service principal all available permissions (<code>IssueCertificate</code>,
@@ -1687,6 +1854,9 @@ export interface Permission {
      */
     Policy?: string;
 }
+/**
+ * @public
+ */
 export interface ListPermissionsResponse {
     /**
      * <p>Summary information about each permission assigned by the specified private CA,
@@ -1699,6 +1869,9 @@ export interface ListPermissionsResponse {
      */
     NextToken?: string;
 }
+/**
+ * @public
+ */
 export interface ListTagsRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action. This must be of the form: </p>
@@ -1722,6 +1895,9 @@ export interface ListTagsRequest {
      */
     MaxResults?: number;
 }
+/**
+ * @public
+ */
 export interface ListTagsResponse {
     /**
      * <p>The tags associated with your private CA.</p>
@@ -1733,6 +1909,9 @@ export interface ListTagsResponse {
      */
     NextToken?: string;
 }
+/**
+ * @public
+ */
 export interface PutPolicyRequest {
     /**
      * <p>The Amazon Resource Number (ARN) of the private CA to associate with the policy. The
@@ -1749,6 +1928,9 @@ export interface PutPolicyRequest {
      */
     Policy: string | undefined;
 }
+/**
+ * @public
+ */
 export interface RestoreCertificateAuthorityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action. This must be of the form: </p>
@@ -1760,6 +1942,7 @@ export interface RestoreCertificateAuthorityRequest {
     CertificateAuthorityArn: string | undefined;
 }
 /**
+ * @public
  * <p>Your request has already been completed.</p>
  */
 export declare class RequestAlreadyProcessedException extends __BaseException {
@@ -1770,6 +1953,9 @@ export declare class RequestAlreadyProcessedException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<RequestAlreadyProcessedException, __BaseException>);
 }
+/**
+ * @public
+ */
 export declare enum RevocationReason {
     AFFILIATION_CHANGED = "AFFILIATION_CHANGED",
     A_A_COMPROMISE = "A_A_COMPROMISE",
@@ -1780,6 +1966,9 @@ export declare enum RevocationReason {
     SUPERSEDED = "SUPERSEDED",
     UNSPECIFIED = "UNSPECIFIED"
 }
+/**
+ * @public
+ */
 export interface RevokeCertificateRequest {
     /**
      * <p>Amazon Resource Name (ARN) of the private CA that issued the certificate to be
@@ -1809,6 +1998,9 @@ export interface RevokeCertificateRequest {
      */
     RevocationReason: RevocationReason | string | undefined;
 }
+/**
+ * @public
+ */
 export interface TagCertificateAuthorityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a>. This must be of the form: </p>
@@ -1824,6 +2016,7 @@ export interface TagCertificateAuthorityRequest {
     Tags: Tag[] | undefined;
 }
 /**
+ * @public
  * <p>You can associate up to 50 tags with a private CA. Exception information is contained
  * 			in the exception message field.</p>
  */
@@ -1835,6 +2028,9 @@ export declare class TooManyTagsException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<TooManyTagsException, __BaseException>);
 }
+/**
+ * @public
+ */
 export interface UntagCertificateAuthorityRequest {
     /**
      * <p>The Amazon Resource Name (ARN) that was returned when you called <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a>. This must be of the form: </p>
@@ -1849,6 +2045,9 @@ export interface UntagCertificateAuthorityRequest {
      */
     Tags: Tag[] | undefined;
 }
+/**
+ * @public
+ */
 export interface UpdateCertificateAuthorityRequest {
     /**
      * <p>Amazon Resource Name (ARN) of the private CA that issued the certificate to be
@@ -1895,239 +2094,3 @@ export interface UpdateCertificateAuthorityRequest {
      */
     Status?: CertificateAuthorityStatus | string;
 }
-/**
- * @internal
- */
-export declare const CustomAttributeFilterSensitiveLog: (obj: CustomAttribute) => any;
-/**
- * @internal
- */
-export declare const ASN1SubjectFilterSensitiveLog: (obj: ASN1Subject) => any;
-/**
- * @internal
- */
-export declare const EdiPartyNameFilterSensitiveLog: (obj: EdiPartyName) => any;
-/**
- * @internal
- */
-export declare const OtherNameFilterSensitiveLog: (obj: OtherName) => any;
-/**
- * @internal
- */
-export declare const GeneralNameFilterSensitiveLog: (obj: GeneralName) => any;
-/**
- * @internal
- */
-export declare const AccessMethodFilterSensitiveLog: (obj: AccessMethod) => any;
-/**
- * @internal
- */
-export declare const AccessDescriptionFilterSensitiveLog: (obj: AccessDescription) => any;
-/**
- * @internal
- */
-export declare const KeyUsageFilterSensitiveLog: (obj: KeyUsage) => any;
-/**
- * @internal
- */
-export declare const CsrExtensionsFilterSensitiveLog: (obj: CsrExtensions) => any;
-/**
- * @internal
- */
-export declare const CertificateAuthorityConfigurationFilterSensitiveLog: (obj: CertificateAuthorityConfiguration) => any;
-/**
- * @internal
- */
-export declare const CrlConfigurationFilterSensitiveLog: (obj: CrlConfiguration) => any;
-/**
- * @internal
- */
-export declare const OcspConfigurationFilterSensitiveLog: (obj: OcspConfiguration) => any;
-/**
- * @internal
- */
-export declare const RevocationConfigurationFilterSensitiveLog: (obj: RevocationConfiguration) => any;
-/**
- * @internal
- */
-export declare const TagFilterSensitiveLog: (obj: Tag) => any;
-/**
- * @internal
- */
-export declare const CreateCertificateAuthorityRequestFilterSensitiveLog: (obj: CreateCertificateAuthorityRequest) => any;
-/**
- * @internal
- */
-export declare const CreateCertificateAuthorityResponseFilterSensitiveLog: (obj: CreateCertificateAuthorityResponse) => any;
-/**
- * @internal
- */
-export declare const CreateCertificateAuthorityAuditReportRequestFilterSensitiveLog: (obj: CreateCertificateAuthorityAuditReportRequest) => any;
-/**
- * @internal
- */
-export declare const CreateCertificateAuthorityAuditReportResponseFilterSensitiveLog: (obj: CreateCertificateAuthorityAuditReportResponse) => any;
-/**
- * @internal
- */
-export declare const CreatePermissionRequestFilterSensitiveLog: (obj: CreatePermissionRequest) => any;
-/**
- * @internal
- */
-export declare const DeleteCertificateAuthorityRequestFilterSensitiveLog: (obj: DeleteCertificateAuthorityRequest) => any;
-/**
- * @internal
- */
-export declare const DeletePermissionRequestFilterSensitiveLog: (obj: DeletePermissionRequest) => any;
-/**
- * @internal
- */
-export declare const DeletePolicyRequestFilterSensitiveLog: (obj: DeletePolicyRequest) => any;
-/**
- * @internal
- */
-export declare const DescribeCertificateAuthorityRequestFilterSensitiveLog: (obj: DescribeCertificateAuthorityRequest) => any;
-/**
- * @internal
- */
-export declare const CertificateAuthorityFilterSensitiveLog: (obj: CertificateAuthority) => any;
-/**
- * @internal
- */
-export declare const DescribeCertificateAuthorityResponseFilterSensitiveLog: (obj: DescribeCertificateAuthorityResponse) => any;
-/**
- * @internal
- */
-export declare const DescribeCertificateAuthorityAuditReportRequestFilterSensitiveLog: (obj: DescribeCertificateAuthorityAuditReportRequest) => any;
-/**
- * @internal
- */
-export declare const DescribeCertificateAuthorityAuditReportResponseFilterSensitiveLog: (obj: DescribeCertificateAuthorityAuditReportResponse) => any;
-/**
- * @internal
- */
-export declare const GetCertificateRequestFilterSensitiveLog: (obj: GetCertificateRequest) => any;
-/**
- * @internal
- */
-export declare const GetCertificateResponseFilterSensitiveLog: (obj: GetCertificateResponse) => any;
-/**
- * @internal
- */
-export declare const GetCertificateAuthorityCertificateRequestFilterSensitiveLog: (obj: GetCertificateAuthorityCertificateRequest) => any;
-/**
- * @internal
- */
-export declare const GetCertificateAuthorityCertificateResponseFilterSensitiveLog: (obj: GetCertificateAuthorityCertificateResponse) => any;
-/**
- * @internal
- */
-export declare const GetCertificateAuthorityCsrRequestFilterSensitiveLog: (obj: GetCertificateAuthorityCsrRequest) => any;
-/**
- * @internal
- */
-export declare const GetCertificateAuthorityCsrResponseFilterSensitiveLog: (obj: GetCertificateAuthorityCsrResponse) => any;
-/**
- * @internal
- */
-export declare const GetPolicyRequestFilterSensitiveLog: (obj: GetPolicyRequest) => any;
-/**
- * @internal
- */
-export declare const GetPolicyResponseFilterSensitiveLog: (obj: GetPolicyResponse) => any;
-/**
- * @internal
- */
-export declare const ImportCertificateAuthorityCertificateRequestFilterSensitiveLog: (obj: ImportCertificateAuthorityCertificateRequest) => any;
-/**
- * @internal
- */
-export declare const QualifierFilterSensitiveLog: (obj: Qualifier) => any;
-/**
- * @internal
- */
-export declare const PolicyQualifierInfoFilterSensitiveLog: (obj: PolicyQualifierInfo) => any;
-/**
- * @internal
- */
-export declare const PolicyInformationFilterSensitiveLog: (obj: PolicyInformation) => any;
-/**
- * @internal
- */
-export declare const CustomExtensionFilterSensitiveLog: (obj: CustomExtension) => any;
-/**
- * @internal
- */
-export declare const ExtendedKeyUsageFilterSensitiveLog: (obj: ExtendedKeyUsage) => any;
-/**
- * @internal
- */
-export declare const ExtensionsFilterSensitiveLog: (obj: Extensions) => any;
-/**
- * @internal
- */
-export declare const ApiPassthroughFilterSensitiveLog: (obj: ApiPassthrough) => any;
-/**
- * @internal
- */
-export declare const ValidityFilterSensitiveLog: (obj: Validity) => any;
-/**
- * @internal
- */
-export declare const IssueCertificateRequestFilterSensitiveLog: (obj: IssueCertificateRequest) => any;
-/**
- * @internal
- */
-export declare const IssueCertificateResponseFilterSensitiveLog: (obj: IssueCertificateResponse) => any;
-/**
- * @internal
- */
-export declare const ListCertificateAuthoritiesRequestFilterSensitiveLog: (obj: ListCertificateAuthoritiesRequest) => any;
-/**
- * @internal
- */
-export declare const ListCertificateAuthoritiesResponseFilterSensitiveLog: (obj: ListCertificateAuthoritiesResponse) => any;
-/**
- * @internal
- */
-export declare const ListPermissionsRequestFilterSensitiveLog: (obj: ListPermissionsRequest) => any;
-/**
- * @internal
- */
-export declare const PermissionFilterSensitiveLog: (obj: Permission) => any;
-/**
- * @internal
- */
-export declare const ListPermissionsResponseFilterSensitiveLog: (obj: ListPermissionsResponse) => any;
-/**
- * @internal
- */
-export declare const ListTagsRequestFilterSensitiveLog: (obj: ListTagsRequest) => any;
-/**
- * @internal
- */
-export declare const ListTagsResponseFilterSensitiveLog: (obj: ListTagsResponse) => any;
-/**
- * @internal
- */
-export declare const PutPolicyRequestFilterSensitiveLog: (obj: PutPolicyRequest) => any;
-/**
- * @internal
- */
-export declare const RestoreCertificateAuthorityRequestFilterSensitiveLog: (obj: RestoreCertificateAuthorityRequest) => any;
-/**
- * @internal
- */
-export declare const RevokeCertificateRequestFilterSensitiveLog: (obj: RevokeCertificateRequest) => any;
-/**
- * @internal
- */
-export declare const TagCertificateAuthorityRequestFilterSensitiveLog: (obj: TagCertificateAuthorityRequest) => any;
-/**
- * @internal
- */
-export declare const UntagCertificateAuthorityRequestFilterSensitiveLog: (obj: UntagCertificateAuthorityRequest) => any;
-/**
- * @internal
- */
-export declare const UpdateCertificateAuthorityRequestFilterSensitiveLog: (obj: UpdateCertificateAuthorityRequest) => any;